webViewAction in Yii (aka Yii2) 2.x before 2.0.5 allows attackers to execute any local .php file via a relative path in the view parameeter.
Yearly Archives: 2023
ZDI-23-1450: Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-1451: Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-1452: Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-1453: Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-1454: Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-1449: (0Day) Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver & Support Assistant. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
traceroute-2.1.3-1.fc37
FEDORA-2023-734aa51998
Packages in this update:
traceroute-2.1.3-1.fc37
Update description:
Update to 2.1.3
traceroute-2.1.3-1.fc38
FEDORA-2023-7133ff034c
Packages in this update:
traceroute-2.1.3-1.fc38
Update description:
Update to 2.1.3
traceroute-2.1.3-1.fc39
FEDORA-2023-b870a4de82
Packages in this update:
traceroute-2.1.3-1.fc39
Update description:
Update to 2.1.3