PT-2024-9096

Name of the Vulnerable Software and Affected Versions: Apache Arrow R package versions 4.0.0 through 16.1.0 Description: The issue is related to the deserialization of untrusted data in IPC and Parquet readers, which allows arbitrary code execution. An application is vulnerable if it reads Arrow...

CGA-X2M6-9947-W8WR

Bulletin has no description...

GO-2024-2763 Heketi Arbitrary Code Execution in github.com/heketi/heketi

Heketi Arbitrary Code Execution in github.com/heketi/heketi...

BIT-DOTNET-2024-21409 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability...

Adobe Framemaker heap buffer overflow vulnerability (CNVD-2024-27545)

Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A security vulnerability exists in Adobe Framemaker, which is caused by incorrect boundary checking. An attacker...

CVE-2024-36078

In Zammad before 6.3.1, a Ruby gem bundled by Zammad is installed with world-writable file permissions. This allowed a local attacker on the server to modify the gem's files, injecting arbitrary code into Zammad processes which run with the environment and permissions of the Zammad user...

Siemens Parasolid X_T File Out-of-Bounds Write Vulnerability

Siemens Parasolid is a 3D geometric modeling tool that supports a variety of techniques including solid modeling, direct editing and free-form surface/drawing modeling. An out-of-bounds write vulnerability exists in Siemens Parasolid XT files, which can be exploited by an attacker to execute code...

CVE-2024-30009

Windows Routing and Remote Access Service RRAS Remote Code Execution Vulnerability...

GitHub: CVE-2024-32004 Remote Code Execution while cloning special-crafted local repositories

...

CVE-2024-32163

CMSeasy 7.7.7.9 is vulnerable to code execution...

WBSAirback Code Execution Vulnerability (CNVD-2024-27125)

WBSAirback is a next generation storage and backup system from WBSAirback. A code execution vulnerability exists in WBSAirback version 21.02.04, which can be exploited by an attacker to execute arbitrary code...

CVE-2024-2226

creationtimestamp| type| source ---|---|--- 2024-04-11 06:56:18+00:00| seen| https://t.me/arpsyndicate/4461 2025-01-31 03:22:05+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3560 2025-01-31 04:13:10+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3576...

Bento4 Ap4StsdAtom.cpp file code execution vulnerability

Bento4 is an open source C++ library for reading and writing MP4 files. A code execution vulnerability exists in the Bento4 Ap4StsdAtom.cpp file, which stems from the failure of the AP4StsdAtom::AP4StsdAtom method of the Ap4StsdAtom.cpp file to correctly filter the special elements of the...

CVE-2024-24581

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution through out-of-bounds write...

MGASA-2024-0106 Updated unixODBC packages fix security vulnerability

It was discovered that unixODBC incorrectly handled certain bytes. An attacker could use this issue to execute arbitrary code or cause a crash...

D-Link DIR-845L Code Execution Vulnerability

The D-Link DIR-845 is a wireless router from China-based AUO D-Link. A code execution vulnerability exists in D-Link DIR-845L v1.01KRb03 and earlier versions, which stems from the soapcgimain function failing to correctly filter the special elements of the constructor snippet in the cgibin binary...

PT-2024-22452 · Netcome · Netcome Ns-Asg Application Security Gateway

Name of the Vulnerable Software and Affected Versions: Netcome NS-ASG Application Security Gateway version 6.3.1 Description: The issue allows a local attacker to execute arbitrary code and obtain sensitive information via a crafted script to the loginid parameter of the "/singlelogin.php"...

RaspAP Vulnerable to Code Injection via an Unknown Process in File `includes/provider.php`

A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiate...

CVE-2024-2497 RaspAP raspap-webgui HTTP POST Request provider.php code injection

A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiate...

GHSA-242P-4V39-2V8G

creationtimestamp| type| source ---|---|--- 2024-03-12 16:46:09+00:00| seen| https://t.me/ctinow/205835...