36 matches found
Security Bypass Vulnerability in Multiple Mozilla Products (CNVD-2024-10439)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S.A. Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is email client software that supports the IMAP and POP mail protocols as well as the HTML mail format. A...
Dell BIOS Input Validation Error Vulnerability (CNVD-2023-14506)
Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, U.S.A. An input validation error vulnerability exists in Dell BIOS, which stems from incorrect input validation. An attacker could use the SMI Serial Interface to execute arbitrary code in SMRAM...
Dell BIOS Input Validation Error Vulnerability (CNVD-2023-08762)
Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, U.S.A. An input validation error vulnerability exists in Dell BIOS, which could be exploited by a locally authenticated attacker to obtain arbitrary code execution in SMRAM using SMI...
Dell BIOS Input Validation Error Vulnerability (CNVD-2023-08765)
Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, U.S.A. An input validation error vulnerability exists in Dell BIOS, which can be exploited by a locally authenticated attacker to obtain arbitrary code execution in SMRAM by using SMI...
Adobe InCopy Buffer Overflow Vulnerability (CNVD-2022-55642)
Adobe InCopy is a text editing software for creative writing from Adobe, USA. Adobe InCopy suffers from a buffer overflow vulnerability that originates from a boundary error when handling untrusted input. A remote attacker could exploit this vulnerability to execute arbitrary code on the system...
Dell BIOS Input Validation Error Vulnerability (CNVD-2022-85078)
Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, U.S.A. An input validation error vulnerability exists in Dell BIOS, which can be exploited by a locally authenticated attacker to bypass security controls in SMM by sending malicious input to SMI...
Adobe InCopy Out-of-Bounds Write Vulnerability (CNVD-2022-50232)
Adobe InCopy is a text editing software for creative writing from Adobe, USA. Adobe InCopy suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...
Adobe InCopy Out-of-Bounds Write Vulnerability (CNVD-2022-50231)
Adobe InCopy is a text editing software for creative writing from Adobe, USA. Adobe InCopy suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...
Adobe InCopy Resource Management Error Vulnerability (CNVD-2022-48783)
Adobe InCopy is a text editing software for authoring from Adobe U.S.A. A resource management error vulnerability exists in Adobe InCopy. An attacker can exploit this vulnerability to execute arbitrary code in the context of the current user...
Adobe InCopy out-of-bounds write vulnerability (CNVD-2022-48784)
Adobe InCopy is a text editing software for authoring from Adobe U.S.A. An out-of-bounds write vulnerability exists in Adobe InCopy. An attacker could use this vulnerability to execute arbitrary code in the context of the current user...
InHand Networks InRouter302跨站脚本漏洞
InHand Networks InRouter Series is a series of routers from InHand Networks, U.S.A. A cross-site scripting vulnerability exists in InHand Networks InRouter302 V3.5.4, which can be exploited by attackers to cause arbitrary Javascript code...
Adobe InCopy Memory Misreference Vulnerability
Adobe InCopy is a text editing software for authoring from Adobe U.S.A. A memory mis-reference vulnerability exists in Adobe InCopy, which stems from a mix-up in the program's instructions for freeing memory. An attacker could exploit this vulnerability to execute arbitrary code on the system...
Elcomplus SmartPPT Licensing Issue Vulnerability
Elcomplus SmartPPT is an integrated voice and data scheduling software from Elcomplus, U.S.A. An authorization issue vulnerability exists in Elcomplus SmartPPT, which can be exploited by a low-authentication attacker to access higher-level administrative authorizations by sending a request direct...
InHand Networks InRouter 900 Industrial 4G Router命令注入漏洞(CNVD-2022-31529)
The InHand Networks InRouter 900 is a series of industrial routers from InHand Networks, U.S.A. A security vulnerability exists in the InHand Networks InRouter 900 Industrial 4G Router, and no details of the vulnerability are currently available...
IBM ISS BlackICE PC Protectionk Cross-Site Scripting Vulnerability
The IBM ISS BlackICE PC is a personal firewall/IDS for Windows desktops from IBM USA. A security vulnerability exists in IBM ISS BlackICE PC Protection that originates from an operation using unknown input that results in cross-site scripting. An attacker could exploit the vulnerability to conduc...
ARRIS TR3300 Command Injection Vulnerability (CNVD-2022-68525)
ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS U.S.A. A command injection vulnerability exists in ARRIS TR3300, which stems from the upnpttl parameter in the upnp function failing to properly filter the construct command special characters, commands, etc. An attacker could exploit this...
ARRIS TR3300 Command Injection Vulnerability (CNVD-2022-68526)
ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS U.S.A. A command injection vulnerability exists in ARRIS TR3300, which stems from the failure of the htimezone parameter in the time zone function to properly filter the construct command special characters, commands, etc. The vulnerability can ...
ARRIS TR3300 Command Injection Vulnerability (CNVD-2022-68524)
ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS U.S.A. A command injection vulnerability exists in ARRIS TR3300 v1.0.13, which stems from the failure of the wpsenroleepin parameter in the wps function to properly filter the construct command special characters, commands, etc. An attacker coul...
Bentley Systems MicroStation Buffer Overflow Vulnerability (CNVD-2022-16160)
Bentley Systems MicroStation is a Cad software platform for 2D and 3D design and drafting from Bentley Systems, USA. A buffer overflow vulnerability exists in Bentley Systems MicroStation that can be exploited by an attacker to execute code in the context of the current process...
Bentley Systems MicroStation Buffer Overflow Vulnerability (CNVD-2022-15818)
Bentley Systems MicroStation is a Cad software platform for 2D and 3D design and drafting from Bentley Systems, USA. A buffer overflow vulnerability exists in Bentley Systems MicroStation, which can be exploited by an attacker to execute code in the context of the current process...