3357 matches found
CVE-2023-52267
ehttp 1.0.6 before 17405b9 has a simplelog.cpp log out-of-bounds-read during error logging for long strings...
CVE-2023-52267
ehttp 1.0.6 before 17405b9 has a simplelog.cpp log out-of-bounds-read during error logging for long strings...
PT-2023-31950 · Ehttp · Ehttp
Name of the Vulnerable Software and Affected Versions: ehttp version 1.0.6 before 17405b9 Description: The issue is related to an out-of-bounds read in the simple log.cpp file during error logging for long strings. Recommendations: For ehttp version 1.0.6 before 17405b9, consider updating to a...
p5-Spreadsheet-ParseExcel -- Remote Code Execution Vulnerability
Spreadsheet-ParseExcel reports: Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type eval "eval". Specifically, the...
Advisory ROSA-SA-2023-2317
Software: libinput 1.16.3 OS: ROSA Virtualization 2.1 packageevrstring: libinput-1.16.3-3.rv3.src.rpm CVE-ID: CVE-2022-1215 BDU-ID: 2022-02695 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the evdevlogmsg function of the libinput library's libinput implementation of the X.Org and Wayland display...
VulnCheck KEV: CVE-2023-7101
Spreadsheet::ParseExcel contains a remote code execution vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings within the Excel parsing logic...
DEBIAN-CVE-2023-7101
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
CVE-2023-7101
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
Format string
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
UBUNTU-CVE-2023-7101
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
CVE-2023-7101 Arbitrary Code Execution (ACE) Vulnerability
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
CVE-2023-7101 Arbitrary Code Execution (ACE) Vulnerability
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
CVE-2023-7101
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
CVE-2023-7101
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
CVE-2023-25650
There is an arbitrary file download vulnerability in ZXCLOUD iRAI. Since the backend does not escape special strings or restrict paths, an attacker with user permission could access the download interface by modifying the request parameter, causing arbitrary file downloads...
The vulnerability of the cm_processChangedConfigMsg function in ASUS’ Wi-Fi router microprogramming systems, such as the RT-AX56U V2 and RT-AC86U models, allows a hacker to execute arbitrary code or cause malfunctions in the device.
The vulnerability of the cmprocessChangedConfigMsg function in ASUS’ Wi-Fi router microprogramming systems, such as the RT-AX56U V2 and RT-AC86U models, is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause...
CVE-2023-5637
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Read Sensitive Strings Within an Executable.This issue affects Education Portal: before v1.1...
CVE-2023-5637
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Read Sensitive Strings Within an Executable. This issue affects Education Portal: before v1.1...
CVE-2023-5637
ArslanSoft Education Portal (before v1.1) is affected by CVE-2023-5637 due to an Unrestricted Upload of File with Dangerous Type vulnerability, which allows reading sensitive strings within an executable. The issue is described as a code issue in the Education Portal prior to v1.1. Exploitation d...
CVE-2023-5637 Plaintext Storage of a Password in ArslanSoft's Education Portal
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Read Sensitive Strings Within an Executable. This issue affects Education Portal: before v1.1...