The vulnerability of the isUCPCameraNameChanged function in the /sbin/ucp file of the D-Link DCS-932L microprogrammed IP camera allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the isUCPCameraNameChanged function in the /sbin/ucp file of the D-Link DCS-932L microprogrammed camera software is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility o...

CVE-2022-23732

A path traversal vulnerability was identified in GitHub Enterprise Server management console that allowed the bypass of CSRF protections. This could potentially lead to privilege escalation. To exploit this vulnerability, an attacker would need to target a user that was actively logged into the...

CVE-2022-22723

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be...

CVE-2022-46256

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the instance. This vulnerability was fixed in...

CVE-2022-23733

A stored XSS vulnerability was identified in GitHub Enterprise Server that allowed the injection of arbitrary attributes. This injection was blocked by Github's Content Security Policy CSP. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.6 and was fixed in versions...

CVE-2022-20235

The PowerVR GPU kernel driver maintains an "Information Page" used by its cache subsystem. This page can only be written by the GPU driver itself, but prior to DDK 1.18 however, a user-space program could write arbitrary data to the page, leading to memory corruption issues.Product:...

CVE-2021-45385

A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 2021-12-06 in bmpload. When the size information in metadata of the bmp is out of range, it returns without assign memory buffer to pb-pdata and did not exit the program. So the program crashes when it tries to access the pb-data, i...

CVE-2021-20586

Resource management errors vulnerability in a robot controller of MELFA FR Seriescontroller "CR800-VD" of RV-FR-D- all versions, controller "CR800-HD" of RH-FRH-D- all versions, controller "CR800-HRD" of RH-FRHR-D- all versions, controller "CR800-VR with R16RTCPU" of RV-FR-R- all versions,...

CVE-2021-37401

An attacker may obtain the user credentials from file servers, backup repositories, or ZLD files saved in SD cards. As a result, the PLC user program may be uploaded, altered, and/or downloaded...

CVE-2021-22743

Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex TCM 4351B installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position...

CVE-2021-36410

A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function putepelhvfallback when running program dec265...

CVE-2021-35448

Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local ports to listen for incoming connections...

CVE-2021-29517

TensorFlow is an end-to-end open source platform for machine learning. A malicious user could trigger a division by 0 in Conv3D implementation. The implementationhttps://github.com/tensorflow/tensorflow/blob/42033603003965bffac51ae171b51801565e002d/tensorflow/core/kernels/convops3d.ccL143-L145 do...

CVE-2021-21267

Schema-Inspector is an open-source tool to sanitize and validate JS objects npm package schema-inspector. In before version 2.0.0, email address validation is vulnerable to a denial-of-service attack where some input for example...

CVE-2021-20790

Improper control of program execution vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker to execute an arbitrary command or code via unspecified vectors...

CVE-2021-20608

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric GX Works2 versions 1.606G and prior allows a remote unauthenticated attacker to cause a DoS condition in GX Works2 by getting GX Works2 to read a tampered program file from a Mitsubishi Electric PLC by sendin...

CVE-2021-0074

Improper permissions in the installer for the IntelR Computing Improvement Program software before version 2.4.5982 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2021-22747

Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. This CVE ID is unique...

CVE-2021-3013

ripgrep before 13 on Windows allows attackers to trigger execution of arbitrary programs from the current working directory via the -z/--search-zip or --pre flag...

CVE-2021-29563

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from the implementation of tf.rawops.RFFT. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination...