48 matches found
EUVD-2004-1215
Malware in sbrugna...
Stack overflow
Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code...
Synology DiskStation Manager (DSM) 6.2.x < 6.2.3-25426-3 Multiple Vulnerabilities (Synology-SA-20:26) - Remote Known Vulnerable Versions Check
Synology DiskStation Manager (DSM) is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE =...
Democritus Project d8s-yaml Code Execution Vulnerability
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A code execution vulnerability exists in Democritus Project d8s-yaml version 0.1.0, which stems from the presence of a potential code execution package democritus-file-syste...
Democritus Project d8s-asns democritus-csv code execution vulnerability
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A backdoor vulnerability exists in Democritus Project d8s-asns version 0.1.0, which stems from the presence of a potential code execution package democritus-csv inserted by ...
Democritus Project d8s-networking Code Execution Vulnerability
Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A backdoor vulnerability exists in Democritus Project d8s-networking version 0.1.0, which stems from the presence of a potential code execution package democritus-hashes...
CVE-2022-30190 (Follina) vulnerability in MSDT: description and counteraction
At the end of May, researchers from the naosec team reported a new zero-day vulnerability in Microsoft Support Diagnostic Tool (MSDT) that can be exploited using Microsoft Office documents. It allowed attackers to remotely execute code on Windows systems, while the victim could not even open the...
Ponton X/P Messenger path traversal vulnerability
PONTON X/P Messenger is a highly configurable ebXML, AS/1, AS/2, AS/3 and AS/4 compliant messaging software from the German company PONTON. PONTON X/P Messenger is vulnerable to a path traversal vulnerability that could be exploited by an attacker to upload executable scripts while obtaining...
F-Secure SAFE Browser for Android Cross-Site Scripting Vulnerability
F-Secure SAFE is a suite of antivirus software from the Finnish company F-Secure. F-Secure SAFE Browser for Android is vulnerable to cross-site scripting, which can be exploited by attackers to remotely execute JavaScript and trigger generic cross-site scripting through the brows...
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code...
Out-of-bounds
The FANUC R-30iA and R-30iB series controllers are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code. INIT START/restore from backup required...
Command injection
Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker to remotely execute arbitrary code...
IBM Cognos Analytics Remote Code Execution Vulnerability
A remote code execution vulnerability exists in IBM Cognos Analytics version 11.1.7, 11.2.0, a suite of business intelligence software from IBM Corporation that provides valuable information, secure data governance, and reporting. The vulnerability stems from incorrect neutralization of...
Libmobi Out-of-Bounds Write Vulnerability
Libmobi is a C library used to handle Mobipocket/Kindle MOBI e-book format documents. An out-of-bounds write vulnerability exists in Libmobi, which can be exploited by an attacker to remotely execute code...
ForgeRock AM code issue vulnerability
ForgeRock AM is an open source access management, privilege control platform with widespread use in universities and social organizations. ForgeRock AM is vulnerable to a code issue that could be exploited by an unauthenticated attacker to remotely execute arbitrary code by constructing a special...
Magic Home Pro 1.5.1 Authentication Bypass
Exploit Title: Magic Home Pro 1.5.1 - Authentication Bypass Google Dork: NA Date: 22 October 2020 Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2020-27199/ Vendor Homepage: http://www.zengge.com/appkzd Software Link:...
Magic Home Pro 1.5.1 - Authentication Bypass
Exploit Title: Magic Home Pro 1.5.1 - Authentication Bypass Google Dork: NA Date: 22 October 2020 Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2020-27199/ Vendor Homepage: http://www.zengge.com/appkzd Software Link:...
[SECURITY] [DSA 4404-1] chromium security update
Debian Security Advisory DSA-4404-1 [email protected] https://www.debian.org/security/ Michael Gilbert March 09, 2019 https://www.debian.org/security/faq -...
CVE-2017-18047
Buffer Overflow in the FTP client in LabF nfsAxe 3.7 allows remote FTP servers to execute arbitrary code via a long reply...