ripgrep 命令注入漏洞

Ripgrep is a line-oriented search tool for applications that recursively searches the current directory for regular expression patterns. Ripgrep suffers from a command injection vulnerability that stems from Ripgrep before 13 that allows an attacker to trigger the execution of an arbitrary progra...

CVE-2021-29533

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK failure by passing an empty image to tf.rawops.DrawBoundingBoxes. This is because the...

Unisys Desktop OS Personal Edition (1030) x86_64 has a logic flaw vulnerability

Unisys Desktop Operating System Personal Edition is Unisys software based on Linux5.3 kernel to create a domestic desktop operating system designed for individual users. Unisign Desktop OS Personal Edition 1030 x8664 has a logic flaw vulnerability, which can be exploited by an attacker to bypass...

Critical Cisco Jabber Bug Could Let Attackers Hack Remote Systems

Cisco on Wednesday released software updates to address multiple vulnerabilities affecting its Jabber messaging clients across Windows, macOS, Android, and iOS. Successful exploitation of the flaws could permit an "attacker to execute arbitrary programs on the underlying operating system with...

Design/Logic Flaw

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

Design/Logic Flaw

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

CVE-2021-1471 Cisco Jabber Desktop and Mobile Client Software Vulnerabilities

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

CVE-2021-1471

Cisco Jabber for Windows, macOS, and mobile platforms were affected by multiple vulnerabilities leading to possible remote code execution with the user’s privileges, access to sensitive data, interception of protected traffic, or DoS. Cisco notes these originate from Cisco Jabber components and h...

Design/Logic Flaw

Resource management errors vulnerability in a robot controller of MELFA FR Seriescontroller "CR800-VD" of RV-FR-D- all versions, controller "CR800-HD" of RH-FRH-D- all versions, controller "CR800-HRD" of RH-FRHR-D- all versions, controller "CR800-VR with R16RTCPU" of RV-FR-R- all versions,...

Selea CarPlateServer 4.0.1.6 Remote Program Execution

Selea CarPlateServer CPS v4.0.1.6 Remote Program Execution Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: 4.0.1.6210120 4.013201105 3.100200225 3.005191206 3.005191112 Summary: Our CPS Car Plate Server software is an advanced solution that can be installed on...

Selea CarPlateServer (CPS) 4.0.1.6 - Remote Program Execution

Exploit Title: Selea CarPlateServer CPS 4.0.1.6 - Remote Program Execution Date: 08.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea CarPlateServer CPS v4.0.1.6 Remote Program Execution Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version:...

CVE-2020-26085

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system OS with elevated privileges or gain access to sensitive information. For more information about these...

Information disclosure

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system OS with elevated privileges or gain access to sensitive information. For more information about these...

CVE-2020-26085

CVE-2020-26085 and related Cisco Jabber vulnerabilities affect Cisco Jabber Desktop and Mobile Client (Windows, macOS, and mobile). The connected sources describe multiple flaws that could allow an attacker to execute arbitrary code or access sensitive information on the underlying OS, with netwo...

Telerik Fiddler Code Injection Vulnerability

Telerik Fiddler is an HTTP protocol debugging proxy tool. A code injection vulnerability exists in Telerik Fiddler 5.0.20202.18177 and earlier versions, which allows an attacker to execute an arbitrary program via a hostname with a space character at the end, followed by the --utility-and-browser...

CVE-2020-27134

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system OS with elevated privileges or gain access to sensitive information. For more information about these...

CVE-2020-27132

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system OS with elevated privileges or gain access to sensitive information. For more information about these...

CVE-2020-27127

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system OS with elevated privileges or gain access to sensitive information. For more information about these...

CVE-2020-27133

CVE-2020-27133 is a Cisco Jabber Desktop and Mobile Client vulnerability family affecting Cisco Jabber for Windows, MacOS, and mobile platforms. The CVE entries arise from multiple issues in message handling and input validation: CVE-2020-26085 (XMPP message handling leading to remote code execut...

KLA12059 Multiple vulnerabilities in Cisco Jabber

Multiple vulnerabilities were found in Cisco Jabber. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A command injection vulnerability in Cisco Jabber can be...