7634 matches found
UBUNTU-CVE-2018-10875
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code...
Microsoft Edge CWUCLayer Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the routines that...
Microsoft .NET Framework Remote Code Execution Vulnerability (CNVD-2018-15849)
Microsoft .NET Framework is a comprehensive and consistent programming model developed by Microsoft Corporation USA and a development platform for building Windows, Windows Store, Windows Phone, Windows Server and Microsoft Azure Windows Store, Windows Phone, Windows Server, and Microsoft Azure...
Eaton 9000XDrive TLF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Eaton 9000XDrive. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing ...
flash-plugin: Arbitrary Code Execution vulnerability (APSB18-24)
Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix bugs and security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-thunderbird-52.9.1-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements...
Microsoft Internet Explorer and Edge Scripting Engine Memory Corruption Vulnerability (CNVD-2018-15435)
Microsoft Edge is the web browser built into the Windows 10 version.Internet Explorer is a web browser from Microsoft Corporation. A memory corruption vulnerability exists in the Microsoft Internet Explorer and Edge scripting engine. The vulnerability stems from a problem in the way the scripting...
Microsoft Internet Explorer and Edge Scripting Engine Memory Corruption Vulnerability (CNVD-2018-15436)
Microsoft Edge is the web browser built into the Windows 10 version.Internet Explorer is a web browser from Microsoft Corporation. A memory corruption vulnerability exists in the Microsoft Internet Explorer and Edge scripting engine. The vulnerability stems from a problem in the way the scripting...
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CNVD-2018-15439)
Internet Explorer is a web browser from Microsoft. Formerly known as Microsoft Internet Explorer prior to version 6 and Windows Internet Explorer versions 7, 8, 9, 10, 11, or IE for short. A memory corruption vulnerability exists in the Microsoft Internet Explorer scripting engine. The...
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CNVD-2018-15438)
Internet Explorer is a web browser from Microsoft. Formerly known as Microsoft Internet Explorer prior to version 6 and Windows Internet Explorer versions 7, 8, 9, 10, 11, or IE for short. A memory corruption vulnerability exists in the Microsoft Internet Explorer scripting engine. The...
Microsoft Edge Memory Corruption Vulnerability (CNVD-2018-12888)
Edge is Microsoft's browser for Windows 10. A memory corruption vulnerability exists in Microsoft Edge. The vulnerability stems from Microsoft Edge failing to properly access objects in memory. An attacker can exploit the vulnerability to execute arbitrary code in the context of the current user,...
Microsoft Edge Memory Corruption Vulnerability (CNVD-2018-12887)
Edge is Microsoft's browser for Windows 10. A memory corruption vulnerability exists in Microsoft Edge. The vulnerability stems from Microsoft Edge failing to properly access objects in memory. An attacker can exploit the vulnerability to execute arbitrary code in the context of the current user,...
Microsoft Edge Memory Corruption Vulnerability (CNVD-2018-12886)
Edge is Microsoft's browser for Windows 10. A memory corruption vulnerability exists in Microsoft Edge. The vulnerability stems from Microsoft Edge failing to properly access objects in memory. An attacker can exploit the vulnerability to execute arbitrary code in the context of the current user,...
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2018-12892 )
Edge is Microsoft's browser for Windows 10. A memory corruption vulnerability exists in Microsoft Edge. The vulnerability stems from a problem with the way the Chakra scripting engine in Microsoft Edge handles objects in memory. An attacker could exploit the vulnerability to execute arbitrary cod...
Microsoft Edge Memory Corruption Vulnerability (CNVD-2018-12884)
Edge is Microsoft's browser for Windows 10. A memory corruption vulnerability exists in Microsoft Edge. The vulnerability stems from Microsoft Edge failing to properly access objects in memory. An attacker can exploit the vulnerability to execute arbitrary code in the context of the current user,...
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2018-12891)
Edge is Microsoft's browser for Windows 10. A memory corruption vulnerability exists in Microsoft Edge. The vulnerability stems from a problem with the way the Chakra scripting engine in Microsoft Edge handles objects in memory. An attacker could exploit the vulnerability to execute arbitrary cod...
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2018-12890)
Edge is Microsoft's browser for Windows 10. A memory corruption vulnerability exists in Microsoft Edge. The vulnerability stems from a problem with the way the Chakra scripting engine in Microsoft Edge handles objects in memory. An attacker could exploit the vulnerability to execute arbitrary cod...
Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CNVD-2018-12889)
Edge is Microsoft's browser for Windows 10. A memory corruption vulnerability exists in Microsoft Edge. The vulnerability stems from a problem with the way the Chakra scripting engine in Microsoft Edge handles objects in memory. An attacker could exploit the vulnerability to execute arbitrary cod...
Microsoft Edge Memory Corruption Vulnerability (CNVD-2018-12883)
Edge is Microsoft's browser for Windows 10. A memory corruption vulnerability exists in Microsoft Edge. The vulnerability stems from Microsoft Edge failing to properly access objects in memory. An attacker can exploit the vulnerability to execute arbitrary code in the context of the current user,...
ansible: Inventory variables are loaded from current working directory when running ad-hoc command that can lead to code execution
In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result...