CVE-2023-34308

Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target...

CVE-2023-32174

Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the produ...

CVE-2023-51581 Voltronic Power ViewPower MacMonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability

Voltronic Power ViewPower MacMonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. The...

CVE-2023-27346

TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The...

CVE-2023-27335

Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. User interaction is required to exploit this vulnerability in that the target must visi...

CVE-2023-27332

TP-Link Archer AX21 tdpServer Logging Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this...

CVE-2023-51560 Foxit PDF Reader Annotation Type Confusion Remote Code Execution Vulnerability

Foxit PDF Reader Annotation Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious...

CVE-2023-51557

CVE-2023-51557 affects Foxit PDF Reader/Editor (AcroForm Doc handling). The flaw is a Use-After-Free in Doc objects due to not validating the existence of an object before operations, allowing code execution in the current process. Exploitation requires user interaction (visiting a malicious page...

CVE-2023-50215 D-Link G416 nodered gz File Handling Command Injection Remote Code Execution Vulnerability

D-Link G416 nodered gz File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific...

CVE-2023-50213

CVE-2023-50213 affects D-Link G416 routers. The vulnerability is a command-injection flaw in the HTTP service on port 80, arising from inadequate validation of a user-supplied string before it is used to run a system call. This allows network-adjacent attackers to execute arbitrary code with root...

CVE-2023-50209 D-Link G416 cfgsave Stack-Based Buffer Overflow Remote Code Execution Vulnerability

D-Link G416 cfgsave Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific...

CVE-2023-50208 D-Link G416 ovpncfg Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link G416 ovpncfg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw...

CVE-2023-50202

CVE-2023-50202 affects the D-Link G416 flupl pythonmodules component. The issue is a command injection in the HTTP service on port 80 caused by improper validation of a user-supplied string before executing a system call, allowing network-adjacent attackers to execute code with root privileges. T...

CVE-2023-50200 D-Link G416 cfgsave backusb Command Injection Remote Code Execution Vulnerability

D-Link G416 cfgsave backusb Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exist...

CVE-2023-50188 Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability

Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the...

CVE-2023-44448

CVE-2023-44448 affects TP-Link Archer A54 routers via a stack-based buffer overflow in the libcmm.so module (dm_fillObjByStr). The flaw arises from insufficient validation of user-supplied data length before copying into a fixed-size stack buffer, allowing a network-adjacent attacker to execute a...

CVE-2023-44438 Ashlar-Vellum Argon Uncontrolled Search Path Element Remote Code Execution Vulnerability

Ashlar-Vellum Argon Uncontrolled Search Path Element Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Argon. User interaction is required to exploit this vulnerability in that the target must visit...

CVE-2023-44427 D-Link DIR-X3260 SetSysEmailSettings SMTPServerAddress Command Injection Remote Code Execution Vulnerability

D-Link DIR-X3260 SetSysEmailSettings SMTPServerAddress Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this...

CVE-2023-44427

Summary of CVE-2023-44427 : Affects D-Link DIR-X3260 routers. The flaw resides in the prog.cgi handling of HNAP requests to the lighttpd webserver on ports 80/443, where a user-supplied string is not properly validated before being passed to a system call. This enables a network-adjacent attacker...

CVE-2023-44426 D-Link DIR-X3260 SetSysEmailSettings AccountPassword Command Injection Remote Code Execution Vulnerability

D-Link DIR-X3260 SetSysEmailSettings AccountPassword Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this...