Horner Automation Cscape CSP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Horner Automation Cscape. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Horner Automation Cscape CSP File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Horner Automation Cscape. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Horner Automation Cscape CSP File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Horner Automation Cscape. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

The vulnerability of the Internet Explorer browser arises from an operation that goes beyond the buffer in memory, allowing a malicious actor to execute arbitrary code in the context of the current user.

The vulnerability of the Internet Explorer browser arises from an operation that goes beyond the buffer limits in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code in the context of the current user, using a specially created web page...

The vulnerability of Microsoft Excel’s spreadsheet editor arises from an operation that goes beyond buffer boundaries in memory, allowing a malicious actor to execute arbitrary code in the context of the current user.

The vulnerability of Microsoft Excel spreadsheet editors arises from the execution of an operation outside the buffer in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code in the context of the current user, using a specially created file...

The vulnerability of the Internet Explorer browser arises from an operation that goes beyond the buffer in memory, allowing a malicious actor to execute arbitrary code in the context of the current user.

The vulnerability of the Internet Explorer browser arises from an operation that goes beyond the buffer limits in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code in the context of the current user, using a specially created web page...

The vulnerability in Internet Explorer, caused by an operation that goes beyond the buffer boundaries in memory, allows a malicious actor to execute arbitrary code with the privileges of the current user.

The vulnerability of the Internet Explorer browser arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code with the privileges of the current user, through a specially created...

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser allows a hacker to execute arbitrary code in the context of the current user.

The vulnerability of the ChakraCore JavaScript script handler in the Microsoft Edge browser is caused by an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page...

The vulnerability of the ChakraCore JavaScript script handler, related to errors in memory object handling mechanisms, allows attackers to execute arbitrary code.

The vulnerability of the ChakraCore JavaScript script handler is related to errors in memory object handling mechanisms. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with the privileges of the current user...

[slackware-security] netatalk

New netatalk packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/netatalk-3.1.12-i586-1slack14.2.txz: Upgraded. Netatalk before 3.1.12 is vulnerable to an out of bounds write in...

Amazon Linux 2 : git (ALAS-2018-1136)

Git before 2.19.2 on Linux and UNIX executes commands from the current working directory as if '.' were at the end of $PATH in certain cases involving the runcommand API and run-command.c, because there was a dangerous change from execvp to execv during 2017.CVE-2018-19486 C Tenable Network...

Microsoft Chakra Array Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Adobe Acrobat Pro DC U3D TIFF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Chakra Array Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Microsoft Windows gdiplus bParseWin32Metafile Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2018-19771

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "EditCurrentPool.jsp" has reflected XSS via the PropName parameter...

CVE-2018-19765

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "EditCurrentPresentSpace.jsp" has reflected XSS via the ConnPoolName, GroupId, and ParentId parameters...

Adobe Reader DC JavaScript CBSharedReviewCompleteAutomation JavaScript API Restrictions Bypass Vulnerability

This vulnerability allows remote attackers to bypass JavaScript API restrictions on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Reader DC JavaScript AnnotsString Object Arbitrary Overwrite Restrictions Bypass Vulnerability

This vulnerability allows remote attackers to bypass API restrictions on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AnnotsString...

Adobe Acrobat Pro DC HTML2PDF HTML Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...