162 matches found
CVE-2026-3437
An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...
CVE-2026-3437
An improper restriction of operations within the bounds of a memory buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...
CVE-2026-3437 Improper Restriction of Operations within the Bounds of a Memory Buffer in Portwell Engineering Toolkits
An improper restriction of operations within the bounds of a memory buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...
CVE-2026-3437 Improper Restriction of Operations within the Bounds of a Memory Buffer in Portwell Engineering Toolkits
An improper restriction of operations within the bounds of a memory buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...
CVE-2026-3437
An improper restriction of operations within the bounds of a memory buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...
CVE-2026-3437
CVE-2026-3437 affects Portwell Engineering Toolkits (version 4.8.2). The issue is an improper restriction of operations within the bounds of a memory buffer in the Portwell Toolkits driver, enabling a local authenticated attacker to read and write arbitrary memory. Exploitation could lead to priv...
EUVD-2026-9310
An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...
Portwell Engineering Toolkits ē¼å²åŗé误ę¼ę“
Portwell Engineering Toolkits is a software development and management toolkit developed by Portwell Company in Singapore. Version 4.8.2 of Portwell Engineering Toolkits contains a buffer error vulnerability. This vulnerability stems from improper restrictions on memory buffer operations, which m...
PT-2026-22767
Name of the Vulnerable Software and Affected Versions Portwell Engineering Toolkits version 4.8.2 Description An improper restriction of operations within the bounds of a memory buffer in the Portwell Engineering Toolkits driver allows a local authenticated attacker to read and write to arbitrary...
š Xerte Online Toolkits 3.14 Shell Upload
A vulnerability in Xerte Online Toolkits versions 3.14 and earlier allows unauthenticated users to upload arbitrary files via the template import functionality. The issue exists in /websitecode/php/import/import.php. Due to missing authentication checks on the import endpoint, an attacker can...
Xerte Online Toolkits Arbitrary File Upload - Unauthenticated Template Import
This module exploits an authentication bypass allowing arbitrary file upload in versions 3.14 and earlier to upload and execute a shell. Specifically, this targets /websitecode/php/import/import.php OPSEC This module results in directories being created and database entries which can not easily b...
Xerte Online Toolkits Arbitrary File Upload - Import Language
This module exploits an authentication bypass allowing arbitrary file upload in versions 3.14 and earlier to upload and execute a shell. Module Options msf use exploit/multi/http/xerteunauthenticatedimportlanguage msf exploitxerteunauthenticatedimportlanguage show targets ...targets... msf...
š Xerte Online Toolkits 3.14 Import Language Shell Upload
This Metasploit module exploits an authentication bypass allowing arbitrary file upload in Xerte Online Toolkits versions 3.14 of and earlier to upload and execute a shell. This module requires Metasploit: https://metasploit.com/download Current source:...
š Xerte Online Toolkits 3.14 Template Import Shell Upload
This Metasploit module exploits an authentication bypass allowing arbitrary file upload in Xerte Online Toolkits versions 3.14 and earlier to upload and execute a shell. Specifically, this targets /websitecode/php/import/import.php. Note: this Metasploit module results in directories being create...
š Xerte Online Toolkits 3.14 Upload Image Shell Upload
This Metasploit module exploits the user template file import functions unrestricted file upload in Xerte Online Toolkits versions 3.14 and earlier to upload and execute a shell. This targets editor/uploadImage.php. This has only been tested in implementations where the authentication type is Db...
CVE-2025-20106
Uncontrolled search path in some software installer for some VTuneTM Profiler software and IntelR oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity...
CVE-2025-20106
Uncontrolled search path in some software installer for some VTuneTM Profiler software and IntelR oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity...
Intel VTune ProfileråIntel oneAPI Toolkits 代ē é®é¢ę¼ę“
Intel VTune Profiler and Intel oneAPI Toolkits are products of Intel Corporation, a US company. Intel VTune Profiler is a performance testing tool designed to optimize software. This software can be used for performance testing in IoT embedded applications, media software, Java applications, and...
VTune⢠Profiler Software Advisory
Summary: A potential security vulnerability in some VTune⢠Profiler software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-20106 Description: Uncontrolled search path in some software install...
CVE-2023-29242
Improper access control for IntelR oneAPI Toolkits before version 2021.1 Beta 10 may allow an authenticated user to potentially enable escalation of privilege via local access...