983 matches found
(Pwn2Own) Microsoft Windows NtGdiGetEmbUFI Information Disclosure Vulnerability
This vulnerability allows local attackers to leak sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...
Hewlett Packard Enterprise Data Protector EXEC_BAR Domain Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within OmniInet.exe which listens by default on TCP port 5555. When...
Foxit Reader Local Privilege Escalation Vulnerability
Foxit Reader is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Foxit PhantomPDF Local Privilege Escalation Vulnerability
Foxit PhantomPDF is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Advantech WebAccess multiple services Buffer Overflow (CVE-2016-0856)
A buffer overflow vulnerability has been reported in the webvrpcs and datacore service of Advantech WebAccess. The vulnerability is due to an insecure call to some functions. A remote, unauthenticated attacker could exploit this vulnerability by sending a maliciously crafted request to the target...
IBM Informix nsrd Service Privilege Escalation Vulnerability
This vulnerability allows local users to execute arbitrary code on vulnerable installations of IBM Informix. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within configuration of the nsr...
IBM Tivoli Storage Manager FastBack Server Opcode 4115 Buffer Overflow (CVE-2015-4931)
A buffer overflow vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient boundary checking on parameters in opcode 4115 requests. A remote unauthenticated attacker could exploit this vulnerability by sending crafted requests to port 11460/TCP...
Advantech WebAccess Dashboard Viewer ImageUploadHandler Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the uploadImageComm...
Oracle Application Testing Suite UploadFileAction Servlet Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Application Testing Suite. Authentication is required but can be bypassed. The specific vulnerability is in the UploadFileAction servlet. By providing a fileType parameter of "", an attacker...
Oracle GoldenGate Veridata File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle GoldenGate. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GoldenGate mgr process, which listens on TCP port 7809. By default, the process...
McAfee Application Control Kernel Driver Memory Corruption Privilege Escalation Vulnerability
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of McAfee Application Control. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Foxit FoxitCloudUpdateService Local Elevation of Privilege Vulnerability
Foxit Reader is a small PDF document viewer and printing program. A security vulnerability exists in the FoxitCloudUpdateService of Foxit Reader. A remote attacker writing certain data in a shared memory area can trigger a memory corruption, leading to the execution of arbitrary code in the syste...
IBM Tivoli Storage Manager FastBack Server Format String (CVE-2015-1953; CVE-2015-1986)
A format string vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient sanitization on parameters of Opcode 1301 requests.A remote unauthenticated attacker could exploit this vulnerability by sending crafted requests to port 11460/TCP.Successf...
Foxit FoxitCloudUpdateService Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to elevate privileges on vulnerable installations of Foxit Reader. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FoxitCloudUpdateService service. An attacker can trigger a memory corruption condition by...
Tibbo AggreGate SCADA/HMI Server Service uploadDirectory Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Tibbo AggreGate SCADA/HMI. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Windows service "AggreGate Server Service" agserverservice.exe. Through...
IBM Tivoli Storage Manager FastBack Server Opcode 1330 Command Injection (CVE-2015-1949)
A command injection vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient input validation of parameters in opcode 1330 requests. A remote unauthenticated attacker could exploit this vulnerability by sending crafted requests to port 11460/TCP...
IBM Tivoli Storage Manager FastBack Server FXCLI_OraBR_Exec_Command Buffer Overflow (CVE-2015-1929)
A buffer overflow vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient boundary checking while processing remote requests within the FXCLIOraBRExecCommand function. A remote unauthenticated attacker could exploit this vulnerability by sendin...
(0Day) Agilent Technologies 2100 Expert CSDispatcher.exe Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Agilent Technologies 2100 Expert. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CSDispatcher.exe process, which listens on port 3434. By sending ...
Apple OS X IOHIDFamily Memory Corruption Vulnerability
Apple OS X is an operating system developed by Apple Inc. A memory corruption vulnerability exists in Apple OS X IOHIDFamily, which can be exploited by a local attacker to execute arbitrary code in the system context...
ManageEngine Multiple Products It360SPUtil resIds SQL Injection
An SQL injection vulnerability has been reported in ManageEngine Applications Manager and ManageEngine IT360 MSP Edition. This vulnerability is due to the insufficient validation of user-supplied input when processing requests sent to the It360SPUtil class. A remote, unauthenticated attacker can...