2204 matches found
Blender Object CustomData_external_read Integer Overflow Code Execution Vulnerability
Summary An exploitable integer overflow exists in the CustomData Mesh loading functionality of the Blender open-source 3d creation suite. A .blend file with a specially crafted external data file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under...
Blender vcol_to_fcol Integer Overflow Code Execution Vulnerability
Summary An exploitable integer overflow exists in the upgrade of a legacy Mesh attribute of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...
Blender Sequencer imb_load_dpx_cineon Integer Overflow Code Execution Vulnerability
Summary An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .cin file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...
Blender BKE_vfont_to_curve_ex Integer Overflow Code Execution Vulnerability
Summary An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts text rendered as a font into a curve. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the...
Blender Sequencer imb_loadiris Integer Overflow Code Execution Vulnerability
Summary An exploitable integer overflow exists in the IRIS loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .iris file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...
Blender Sequencer dpxOpen Buffer Overflow Code Execution Vulnerability
Summary An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .cin file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...
Blender BKE_mesh_calc_normals_tessface Integer Overflow Code Execution Vulnerability
Summary An exploitable integer overflow exists in the BKEmeshcalcnormalstessface functionality of the Blender open-source 3d creation suite. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...
Blender Sequencer imb_loadhdr Integer Overflow Code Execution Vulnerability
Summary An exploitable integer overflow exists in the RADIANCE loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .hdr file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...
Blender modifier_mdef_compact_influences Integer Overflow Code Execution Vulnerability
Summary An exploitable integer overflow exists in the modifiermdefcompactinfluences functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context ...
delayed_job_web rails gem XSS vulnerability
Summary An exploitable XSS vulnerability exists in the filter functionality of the delayedjobweb rails gem version 1.4. A specially crafted URL can cause an XSS flaw resulting in an attacker being able to execute arbitrary javascript on the victim’s browser. An attacker can phish an authenticated...
rails_admin rails gem XSS vulnerability
Summary An exploitable XSS vulnerability exists in the add filter functionality of the railsadmin rails gem version 1.2.0. A specially crafted URL can cause an XSS flaw resulting in an attacker being able to execute arbitrary javascript on the victim’s browser. An attacker can phish an...
CPP-Ethereum libevm pow2N Code Execution Vulnerability
Summary An exploitable out-of-bounds read vulnerability exists in libevm Ethereum Virtual Machine of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read which can subsequently trigger an out-of-bounds write resulting in remote code execution. An attacker can...
CPP-Ethereum JSON-RPC miner_stop improper authorization Vulnerability
Summary An exploitable improper authorization vulnerability exists in minerstop API of cpp-ethereum’s JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to trigge...
CPP-Ethereum JSON-RPC admin_nodeInfo improper authorization Vulnerability
Summary An exploitable improper authorization vulnerability exists in adminnodeInfo API of cpp-ethereum’s JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to...
CPP-Ethereum JSON-RPC miner_setGasPrice improper authorization Vulnerability
Summary An exploitable improper authorization vulnerability exists in minersetGasPrice API of cpp-ethereum’s JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to...
CPP-Ethereum JSON-RPC Denial Of Service Vulnerabilities
Summary An exploitable unhandled exception vulnerability exists in multiple APIs of CPP-Ethereum’s JSON-RPC. Specially crafted JSON requests can cause a unhandled exception resulting in denial of service. An attacker can send malicious JSON to trigger this vulnerability. Tested Versions Ethereum...
CPP-Ethereum libevm create2 Information Leak Vulnerability
Summary An exploitable information leak / denial of service vulnerability exists in the libevm Ethereum Virtual Machine create2 opcode handler of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read leading to memory disclosure or denial of service. An attacker ca...
CPP-Ethereum JSON-RPC admin_addPeer Authorization Bypass Vulnerability
Summary An exploitable improper authorization vulnerability exists in adminaddPeer API of cpp-ethereum’s JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to...
Parity Ethereum Client Overly Permissive Cross-domain Whitelist JSON-RPC vulnerability
Summary An exploitable overly permissive cross-domain CORS whitelist vulnerability exists in JSON-RPC of Parity Ethereum client version 1.7.8. An automatically sent JSON object to JSON-RPC endpoint can trigger this vulnerability. A victim needs to visit malicious website to trigger this...
CPP-Ethereum JSON-RPC miner_start improper authorization Vulnerability
Summary An exploitable improper authorization vulnerability exists in minerstart API of cpp-ethereum’s JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to trigg...
CPP-Ethereum JSON-RPC miner_setEtherbase improper authorization Vulnerability
Summary An exploitable improper authorization vulnerability exists in minersetEtherbase API of cpp-ethereum’s JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON t...
CPP-Ethereum JSON-RPC admin_peers improper authorization Vulnerability
Summary An exploitable improper authorization vulnerability exists in adminpeers API of cpp-ethereum’s JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to trigg...
VMware VNC Dynamic Resolution Request Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the remote management functionality of VMware . A specially crafted set of VNC packets can cause a heap overflow resulting in heap corruption. An attacker can create a VNC session to trigger this vulnerability. Tested Versions Vase,...
VMware VNC Pointer Decode Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the remote management functionality of VMware . A specially crafted set of VNC packets can cause a type confusion resulting in stack overwrite, which could lead to code execution. An attacker can initiate a VNC session to trigger this...
ACDSee Ultimate 10 IDE_PSD PSD Parsing Code Execution Vulnerability
Summary A memory corruption vulnerability exists in the .PSD parsing functionality of ACDSee Ultimate 10.0.0.292. A specially crafted .PSD file can cause an out of bounds write vulnerability resulting in potential code execution. An attacker can send a specific .PSD file to trigger this...
Tinysvcmdns Multi-label DNS Heap Overflow Vulnerability
Summary An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this...
libxls xls_preparseWorkSheet MULRK Code Execution Vulnerability
Summary An exploitable integer overflow vulnerability exists in the xlspreparseWorkSheet function of libxls 1.4 when handling a MULRK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this...
libxls xls_getfcell Code Execution Vulnerability
Summary An exploitable stack based buffer overflow vulnerability exists in the xlsgetfcell function of libxls 1.3.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. Tested Version...
libxls xls_appendSST Code Execution Vulnerability
Summary An exploitable integer overflow vulnerability exists in the xlsappendSST function of libxls 1.4. A specially crafted XLS file can cause memory corruption resulting in remote code execution. An attacker can send a malicious XLS file to trigger this vulnerability. Tested Versions libxls 1.4...
libxls xls_mergedCells Code Execution Vulnerability
Summary An exploitable out-of-bounds write vulnerability exists in the xlsmergedCells function of libxls 1.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious xls file to trigger this vulnerability. Tested Versions libxl...
libxls read_MSAT Code Execution Vulnerability
Summary An exploitable out-of-bounds write vulnerability exists in the readMSAT function of libxls 1.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. Tested Versions libxls 1.4...
libxls xls_addCell Formula Code Execution Vulnerability
Summary An exploitable out-of-bounds vulnerability exists in the xlsaddCell function of libxls 1.4. A specially crafted XLS file with a formula record can cause memory corruption resulting in remote code execution. An attacker can send a malicious XLS file to trigger this vulnerability. Tested...
libxls xls_preparseWorkSheet MULBLANK Code Execution Vulnerability
Summary An exploitable integer overflow vulnerability exists in the xlspreparseWorkSheet function of libxls 1.4 when handling a MULBLANK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this...
Adobe Acrobat Reader DC PDF Structured Hierarchy ActualText Structure Element Remote Code Execution Vulnerability
Summary An exploitable type confusion vulnerability exists in code responsible for parsing PDF documents with marked structure elements of Adobe Acrobat Reader DC 2017.009.20044. A specially crafted PDF file can trigger an out of bounds access on the heap potentially leading to arbitrary code...
Foscam IP Video Camera webService dyndns.com DDNS Client Code Execution Vulnerability
Summary An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating...
Foscam IP Video Camera UPnP Discovery Code Execution Vulnerability
Summary An exploitable buffer overflow vulnerability exists in the UPnP implementation used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted UPnP discovery response can cause a buffer overflow resulting in overwriting arbitrary data. An attacker needs ...
Foscam IP Video Camera devMng Multi-Camera Port 10000 Command 0x0002 Password Field Code Execution Vulnerability
Summary An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data. Tested Versions...
Foscam IP Video Camera CGIProxy.fcgi Firmware Upgrade Code Execution Vulnerability
Summary Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A HTTP request can allow for a user to perform a firmware upgrade using a crafted image. Before any firmware upgrades in this image are flashed to th...
Foscam IP Video Camera CGIProxy.fcgi SoftAP Configuration Command Injection Vulnerability
Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SoftAP configuration...
Foscam IP Video Camera CGIProxy.fcgi logOut Code Execution Vulnerability
Summary An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply...
Foscam IP Video Camera devMng Multi-Camera Port 10000 Command 0x0002 Username Field Code Execution Vulnerability
Summary An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data. Tested Versions...
Foscam IP Video Camera webService 3322.net DDNS Client Code Execution Vulnerability
Summary An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating...
Foscam IP Video Camera devMng Multi-Camera Port 10000 Command 0x0000 Information Disclosure Vulnerability
Summary An information disclosure vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 can allow for a user to retrieve sensitive information without authentication. Tested...
Foscam IP Video Camera devMng Multi-Camera Port 10001 Command 0x0064 Empty AuthResetKey Vulnerability
Summary A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 could allow an attacker to reset the user accounts to factory defaults, without authentication. Tested Versio...
Foscam IP Video Camera webService 9299.org DDNS Client Code Execution Vulnerability
Summary An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating...
Foscam IP Video Camera webService oray.com DDNS Client Code Execution Vulnerability
Summary An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating...
libxls xls_addCell MulBlank Code Execution Vulnerability
Summary An exploitable Out-of-bounds Write vulnerability exists in the xlsaddCell function of libxls 1.4. A specially crafted xls file can cause a memory corruption resulting in remote code execution. An attacker can send malicious xls file to trigger this vulnerability. Tested Versions libxls 1....
Circle with Disney Configuration Restore Photos File Overwrite Vulnerability
Summary An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause an arbitrary file to be overwritten. An attacker can send an HTTP request trigger this vulnerability. Tested Versions Circ...
Cesanta Mongoose Websocket Protocol Fragmented Packet Code Execution Vulnerability
Summary An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be exploited...
Circle with Disney Token Routing Vulnerability
Summary An exploitable routing vulnerability exists in the Circle with Disney cloud infrastructure. A specially crafted packet can make the Circle cloud route a packet to any arbitrary Circle device. An attacker needs network connectivity to the Internet to trigger this vulnerability. Tested...