5836 matches found
Adobe Flash NetworkConfiguration addCustomHeader Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
BitDefender Internet Security Remote Code Execution Vulnerability
BitDefender Internet Security is security software that offers a wide range of protection features. A remote code execution vulnerability exists in the cevakrnl.xmd file in Bitdefender Internet Security due to the program failing to adequately validate user-supplied data. A remote attacker could...
Netgain Enterprise Manager Remote Code Execution Vulnerability
Netgain Enterprise Manager is a suite of IT asset monitoring and management software from NetGain Systems, Singapore. A remote code execution vulnerability exists in the RMI registry in Netgain Enterprise Manager, which is caused by the program failing to adequately validate user-submitted data. ...
Out-of-bounds
PCAUSA Rawether framework does not properly validate BPF data, allowing a crafted malicious BPF program to perform operations on memory outside of its typical bounds on the driver's receipt of network packets. Local attackers can exploit this issue to execute arbitrary code with SYSTEM privileges...
CVE-2017-3196
CVE-2017-3196 concerns PCAUSA’s Rawether framework (Windows) failing to validate BPF data, enabling a crafted BPF program to read/write memory outside normal bounds when the NDIS receipt of packets occurs. This allows a local attacker to execute arbitrary code with SYSTEM privileges via a crafted...
Linksys WVBR0 Wireless Bridge Remote Command Execution Vulnerability
The Linksys WVBR0 is a wireless network repeater device. A remote command execution vulnerability exists in the Linksys WVBR0 wireless bridge. The vulnerability stems from a failure to properly detect user data before executing a system call. A remote attacker can exploit the vulnerability to...
NetGain Systems Enterprise Manager db.save_005fimage_jsp id Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to create arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000...
Foxit Reader Image Filter Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
The vulnerability of Huawei FusionServer’s software allows a hacker to bypass access restrictions and execute arbitrary commands.
The vulnerabilities of the FusionServer RH2288V3, FusionServer RH2288HV3, FusionServer XH628V3, FusionServer RH1288V3, FusionServer RH2288A2, FusionServer RH1288A2, FusionServer RH8100V3, FusionServer CH222V3, FusionServer CH220V3, and FusionServer CH121V3 software programs are related to the lac...
Adobe Reader DC JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
SWFTools Denial of Service Vulnerability (CNVD-2017-36499)
SWFTools is a utility toolset for working with Adobe Flash files SWF files. A security vulnerability exists in the 'wavconvert2mono' function in the lib/wav.c file in SWFTools version 0.9.2, which stems from the program failing to properly validate WAV data. A remote attacker can exploit this...
CVE-2017-16793
The wavconvert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service incorrect malloc and heap-based buffer overflow or possibly have unspecified other impact via a crafted file...
CVE-2017-16793
The wavconvert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service incorrect malloc and heap-based buffer overflow or possibly have unspecified other impact via a crafted file...
CVE-2017-16793
The wavconvert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service incorrect malloc and heap-based buffer overflow or possibly have unspecified other impact via a crafted file...
CVE-2017-16793
Removed by vendor...
Design/Logic Flaw
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.0.14878. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2017-5123
Insufficient data validation in waitid allowed an user to escape sandboxes on Linux...
UBUNTU-CVE-2017-5123
Insufficient data validation in waitid allowed an user to escape sandboxes on Linux...
International Islamic University Chittagong: Stored Xss on IIUC
NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to verify and then deploy fix, so be sure to take your time filling out the report! Summary: add summary of the vulnerabili...