Authentication bypass and upload of file with dangerous type in Boonex Dolphin = 7.3.2 allows to remote unauthenticated attackers to affect integrity and availability via PHP remote file inclusion.
Sync Breeze Enterprise is prone to a buffer overflow when handling an overly long HTTP GET request packet.
A specially crafted web server request may allow the upload of arbitrary files to the CODESYS Web Server without authorization which may allow remote code execution.
A malicious user could overflow a buffer by providing overly long strings to functions that handle the XML. Because the function does not verify string size before copying to memory, the attacker may then be able to crash the application or run arbitrary code.
A malicious user could overflow a buffer by providing overly long strings to functions that handle the XML. Because the function does not verify string size before copying to memory, the attacker may then be able to crash the application or run arbitrary code.
A buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If:
This update adds support for "Connect to" agent connection method and more supported platforms.
This update adds support for "Connect to" agent connection method and more supported platforms.
A buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If:
Micro Focus Rumba is prone to buffer overflow when PlayMacro() within WdMacCtl.ocx is used with an overly long MacroName argument.
A vulnerability exists in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP addresses from accessing the device.
By abusing the blockip variable, an attacker can achieve remote code execution.
By abusing the blockip variable, an attacker can achieve remote code execution.
The CG6Service Service in CyberGhost has the SetPeLauncherState method which allows a user to launch a debugger automatically for a determined process.
This can be abused by an attacker to gain SYSTEM privileges by attaching to a SYSTEM process.
This can be abused by an attacker to gain SYSTEM privileges by attaching to a SYSTEM process.
This vulnerability revolves around an unchecked integer underflow of the size of a record of type 0x3c, producing a heap overflow, within a Workbook stream in an XLS file handled by Ichitaro.
Remote Code Execution when performing file upload based on Jakarta Multipart parser.
This update adds support to Linux x86_64 distributions
This update adds support to Linux x86_64 distributions