27 matches found
Windsurf Security Vulnerability
Windsurf is an AI programming software from Windsurf. Windsurf has a security vulnerability that stems from the presence of a path traversal vulnerability that could lead to reading and writing arbitrary local files...
Linux Distros Unpatched Vulnerability : CVE-2021-23166
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to read and write local files on...
SUSE CVE-2008-3109
Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself...
SUSE CVE-2008-3107
Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as...
CVE-2021-25337
Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files...
KLA11157 A regression in Adobe Flash Player
A regression in Adobe Flash Player can lead to the unintended reset of the global settings preference file when a user clears browser data. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, install latest updates from Control Panel Original...
KLA11028 A read/write local files vulnerability in Oracle VM VirtualBox
An unspecified vulnerability was found in Oracle VM VirtualBox. By exploiting this vulnerability low privileged malicious users with logon to the infrastructure, where Oracle VM VirtualBox is executed, can write to some of Oracle VM VirtualBox accessible data and read a subset of Oracle VM...
KLA10671 Flash Player update for Google Chrome
Google Chrome was updated to address vulnerabilities in Flash Player. For details look at KLA10670. Original advisories Blog entry Exploitation Public exploits exist for this vulnerability. Related products Google-Chrome CVE list CVE-2015-5573 critical CVE-2015-5574 critical CVE-2015-5575 critica...
KLA10574 Multiple vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to write local files, bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Memory corruption, heap...
KLA10539 Multiple vulnerabilities in Open-source ARJ archiver
Buffer overflow, improper strings restriction and other unknown vulnerabilities were found in Open-source ARJ archiver. By exploiting these vulnerabilities malicious users can cause denial of service, execute arbitrary code or write to arbitrary local files. These vulnerabilities can be exploited...
KLA10520 Multiple vulnerabilities in HP Operations Orchestration
Unspecified vulnerabilities were found in HP Operations Orchestration. By exploiting these vulnerabilities malicious users can bypass authentication, obtain sensitive information or modify data. These vulnerabilities can be exploited remotely via an unknown vector. Original advisories HP securi...
KLA10509 Multiple vulnerabilities in McAfee DLPe
Multiple serious vulnerabilities have been found in McAfee DLPe. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, bypass security restrictions, inject arbitrary code or write local files. Below is a complete list of vulnerabilities 1. XSS...
KLA10482 Multiple vulnerabilities in Cisco AnyConnect SMC
Multiple serious vulnerabilities have been found in Cisco AnyConnect Secure Mobility Client. Malicious users can exploit these vulnerabilities to gain privileges or write arbitrary files. Below is a complete list of vulnerabilities 1. An unknown vulnerability can be exploited locally via a...
KLA10098 Vulnerability in CVSNT
An unspecified vulnerability was found in CVSNT. By exploiting this vulnerability malicious users can bypass permission checks, modify directories and execute arbitrary code. This vulnerability can be exploited remotely via specially designed branching. Original advisories March Hare bulletin...
KLA10058 WLF vulnerability in Altiris Notification Server
An unspecified vulnerability was found in the Symantec products. By exploiting this vulnerability malicious users can download and write local files. This vulnerability can be exploited from the network at a point related to eXpress NS SC Download. Original advisories Symantec security advisory...
KLA10172 Vulnerability in Garmin Communicator Plugin
An improper restriction was found in Garmin Communicator Plug-In. By exploiting this vulnerability malicious users can obtain sensitive information or reconfigure GPS device. This vulnerability can be exploited remotely via unspecified vectors. Original advisories - Related products...
KLA10286 WLF vulnerability in Orbit Downloader
An argument injection vulnerability was found in Orbit Downloader. By exploiting this vulnerability malicious users can overwrite arbitrary files. This vulnerability can be exploited remotely via a specially designed method call. Original advisories - Exploitation Public exploits exist for this...
Security Vulnerabilities in the Java Runtime Environment Scripting Language Support (6529568, 6529579)
Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself...
KLA10097 WLF vulnerability in CDBurnerXP
An unspecified vulnerability was found in CDBurnerXP. By exploiting this vulnerability malicious users can overwrite arbitrary files. This vulnerability can be exploited from the network at a point related to NMS DVD Burning SDK. Original advisories vulnerability description Exploitation Public...
java-1.5.0 Privilege escalation via untrusted applet and application
Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants...