(Pwn2Own) QNAP TS-464 authLogin SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of QNAP TS-464 NAS devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the authLogin...

Path Traversal

@hono/node-server is vulnerable to Path Traversal. The vulnerability is due to improper url string validation in src/request.ts, allowing an attacker to use .. in the request URL to access arbitrary files on the static server...

c-ares: buffer overflow in config_sortlist() due to missing string length check

A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity...

CVE-2022-43644

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825 1.0.9/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Dreambox plugin for the xupnpd service, which listens on T...

CVE-2022-42433

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N TL-WR841NUSV14220121 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

SUSE CVE-2017-13766

In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation...

USN-5816-1 firefox vulnerabilities

Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. An attacker could potentially exploits this to obtain sensitive information. CVE-2023-23597 Tom...

CVE-2022-32200

libdwarf 0.4.0 has a heap-based buffer over-read in dwarfcheckstringvalid in dwarfutil.c...

UBUNTU-CVE-2022-32200

libdwarf 0.4.0 has a heap-based buffer over-read in dwarfcheckstringvalid in dwarfutil.c...

CVE-2021-46339

There is an Assertion 'litisvalidcesu8string stringp, stringsize' failed at /base/ecma-helpers-string.cecmanewecmastringfromutf8 in JerryScript 3.0.0...

CVE-2021-34994

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the DataProvider...

PT-2021-4467 · Cisco · Cisco Ios Xe +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software and Cisco IOS XE Software affected versions not specified Description: A vulnerability in the Voice Telephony Service Provider VTSP service could allow an unauthenticated, remote attacker to bypass configured destination...

openSUSE: Security Advisory for gimp (openSUSE-SU-2021:0027-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : gimp (openSUSE-2021-27)

This update for gimp fixes the following issues : - CVE-2017-17784: Fixed an insufficient string validation for input names bsc1073624. - CVE-2017-17785: Fixed an heap-based buffer overflow in FLI import bsc1073625. - CVE-2017-17786: Fixed an out-of-bounds read in TGA bsc1073626. This update was...

OPENSUSE-SU-2021:0027-1 Security update for gimp

This update for gimp fixes the following issues: - CVE-2017-17784: Fixed an insufficient string validation for input names bsc1073624. - CVE-2017-17785: Fixed an heap-based buffer overflow in FLI import bsc1073625. - CVE-2017-17786: Fixed an out-of-bounds read in TGA bsc1073626. This update was...

Security update for gimp (moderate)

openSUSE Security Update: Security update for gimp Announcement ID: openSUSE-SU-2021:0027-1 Rating: moderate References: 1073624 1073625 1073626 Cross-References: CVE-2017-17784 CVE-2017-17785 CVE-2017-17786 Affected Products: openSUSE Leap 15.1 An update that fixes three vulnerabilities is now...

SUSE-SU-2021:0015-1 Security update for gimp

This update for gimp fixes the following issues: - CVE-2017-17784: Fixed an insufficient string validation for input names bsc1073624. - CVE-2017-17785: Fixed an heap-based buffer overflow in FLI import bsc1073625. - CVE-2017-17786: Fixed an out-of-bounds read in TGA bsc1073626...

SUSE-SU-2021:0014-1 Security update for gimp

This update for gimp fixes the following issues: - CVE-2017-17784: Fixed an insufficient string validation for input names bsc1073624. - CVE-2017-17785: Fixed an heap-based buffer overflow in FLI import bsc1073625. - CVE-2017-17786: Fixed an out-of-bounds read in TGA bsc1073626...

(0Day) CentOS Web Panel ajax_ftp_manager Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxftpmanager.php. The issue results from the lack of proper validation of a...

MadsKristensen.AspNetCore.Miniblog subject to Improper Input Validation

madskristensen Miniblog.Core through 2019-01-16 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in Controllers/BlogController.cs writes a decoded base64 string to a file without validating the extension...