Product Key Explorer is a software program that allows users to recover product keys for software installed on their local and network computers. A denial of service vulnerability exists in Product Key Explorer 4.2.0.0, where a specially crafted file can cause a denial of service when the file is pasted into the 'Key' field. This can be exploited by an attacker to cause a denial of service condition.
Product Key Explorer is a software program that allows users to recover product keys for software installed on their local and network computers. A denial of service vulnerability exists in Product Key Explorer 4.2.0.0, where a specially crafted file can cause a denial of service when the file is pasted into the 'Name' field. An attacker can exploit this vulnerability to cause a denial of service condition.
SmartLiving anti-intrusion control panel and security system provides important features rarely found in residential, commercial or industrial application systems of its kind. This optimized-performance control panel provides first-rate features such as: graphic display, text-to-speech, voice notifier, flexible hardware, end-to-end voice transmission (voice-on-bus), IP connectivity. The system-on-chip platform used in the SmartLAN/SI accessory board provides point-to-point networking capability and fast connectivity to the Internet. Therefore, it is possible to set up a remote connection and program or control the system via the SmartLeague software application. In effect, the SmartLAN/SI board grants the same level of access to the system as a local RS232 connection. The SmartLAN/G board operates in the same way as the SmartLAN/SI but in addition provides advanced remote-access and communication functions. The SmartLAN/G board is capable of sending event-related e-mails automatically. Each e-mail can be associated with a subject.
A Server-Side Request Forgery (SSRF) vulnerability exists in the SmartLiving SmartLAN/G/SI <=6.x devices. An unauthenticated attacker can send a specially crafted request to the vulnerable device, which can be used to access internal resources or to perform malicious activities.
When opening a malformed PDF file, an access violation exception is triggered in the latest version of Adobe Acrobat Reader DC for Windows. This is due to a buffer overflow vulnerability in the CoolType!CTInit+0x3913e function, which is caused by an invalid memory access when writing to the address 0x707703a4. This can be exploited to execute arbitrary code in the context of the application.
Inim Electronics SmartLiving SmartLAN/G/SI <=6.x is vulnerable to hard-coded credentials. The SmartLAN/G/SI board contains hard-coded credentials that can be used to gain access to the system. The credentials are stored in plain text in the board's memory and can be accessed by anyone with physical access to the board.
Oracle Siebel Sales 8.1 is vulnerable to persistent cross-site scripting. An attacker can inject malicious JavaScript code into the application by sending a specially crafted POST request to the vulnerable application. This malicious code will be executed in the browser of the victim when the application is accessed.
An unauthenticated user can execute operating system commands directly via the "/pages/systemcall.php?command={COMMAND}" page and parameter: {COMMAND} is executed and the results are returned to the client.
A buffer overflow vulnerability exists in Omron PLC 1.0.0, which could allow an attacker to cause a denial of service condition by sending a specially crafted packet to port 9600 on the target.
Snipe-IT v4.7.5 has a persistent cross-site scripting vulnerability via SVG file upload in the accessories section. A malicious authorized user could potentially upload an SVG with a JavaScript payload.