ZDI-23-908: Dassault Systèmes SolidWorks DXF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

July 12, 2023

Read Time:12 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes SolidWorks. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Advisories

ZDI-23-909: Dassault Systèmes SolidWorks SLDPRT File Parsing Use-After-Free Remote Code Execution Vulnerability

July 12, 2023

Read Time:12 Second

Advisories

ZDI-23-910: Dassault Systèmes SolidWorks DWG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

July 12, 2023

Read Time:12 Second

Advisories

ZDI-23-911: Dassault Systèmes SolidWorks DWG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

July 12, 2023

Read Time:12 Second

Advisories

ZDI-23-912: Dassault Systèmes SolidWorks DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

July 12, 2023

Read Time:12 Second

Advisories

ZDI-23-913: Microsoft Windows Installer Service Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

July 12, 2023

Read Time:11 Second

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.

Advisories

CVE-2020-36750

July 12, 2023

Read Time:22 Second

The EWWW Image Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.8.1. This is due to missing or incorrect nonce validation on the ewww_ngg_bulk_init() function. This makes it possible for unauthenticated attackers to perform bulk image optimization via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Advisories

rizin-0.5.2-2.el8

July 12, 2023

Read Time:9 Second

FEDORA-EPEL-2023-eaa3950901

Packages in this update:

rizin-0.5.2-2.el8

Update description:

bump to 0.5.2 fixes CVE-2023-27590 rizin: stack-based buffer overflow

Cyber Security News

Daily Archives: July 12, 2023

ZDI-23-908: Dassault Systèmes SolidWorks DXF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-23-909: Dassault Systèmes SolidWorks SLDPRT File Parsing Use-After-Free Remote Code Execution Vulnerability

ZDI-23-910: Dassault Systèmes SolidWorks DWG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-23-911: Dassault Systèmes SolidWorks DWG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-23-912: Dassault Systèmes SolidWorks DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZDI-23-913: Microsoft Windows Installer Service Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

CVE-2020-36750

rizin-0.5.2-2.el8

FEDORA-EPEL-2023-eaa3950901

Packages in this update:

Update description:

News, Advisories and much more