Lucene search
K

49 matches found

OSV
OSV
added 2021/03/24 9:15 p.m.3 views

CVE-2020-7853

An outbound read/write vulnerability exists in XPLATFORM that does not check offset input ranges, allowing out-of-range data to be read. An attacker can exploit arbitrary code execution...

9.8CVSS7.5AI score0.0083EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2020/04/20 12:0 a.m.387 views

Atomic Alarm Clock x86 6.3 - 'AtomicAlarmClock' Unquoted Service Path

Exploit Title: Atomic Alarm Clock x86 6.3 - 'AtomicAlarmClock' Unquoted Service Path Exploit Author: boku Date: 2020-04-17 Vendor Homepage: http://www.drive-software.com Software Link: http://www.drive-software.com/download/ataclock.exe Version: 6.3 Tested On: Windows 10 Pro 1909 32-bit...

7.4AI score
Exploits0
NVD
NVD
added 2019/04/25 6:29 p.m.17 views

CVE-2019-9139

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution...

7.8CVSS8AI score0.01313EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/04/25 5:22 p.m.17 views

CVE-2019-9139

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution...

7.8CVSS8AI score0.01313EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/04/25 5:11 p.m.25 views

CVE-2019-9137

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed Image file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution...

7.8CVSS8AI score0.0131EPSS
Exploits0References1
CVE
CVE
added 2019/01/18 5:0 p.m.60 views

CVE-2018-15990

CVE-2018-15990 affects Adobe Acrobat and Reader; use-after-free vulnerability in various versions (2019.008.20081/20080, 2017.011.30106/30105, 2015.006.30457/30456, and earlier). Successful exploitation could lead to arbitrary code execution. The connected documents list the affected product vers...

9.3CVSS6.8AI score0.03599EPSS
Exploits0References2Affected Software2
Ubuntu
Ubuntu
added 2018/10/03 11:33 a.m.246 views

USN-3781-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.3AI score0.10593EPSS
Exploits18
CVE
CVE
added 2017/11/02 3:0 p.m.43 views

CVE-2017-10870

CVE-2017-10870 is a memory corruption vulnerability in JustSystems products Rakuraku Hagaki (and Rakuraku Hagaki Select for Ichitaro across multiple versions) that allows arbitrary code execution when a user opens a specially crafted file. Exploitation would run with the application’s privileges....

7.8CVSS8AI score0.01312EPSS
Exploits0References2Affected Software14
NVD
NVD
added 2017/10/22 8:29 p.m.21 views

CVE-2017-15739

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at CADIMAGE+0x00000000000042d5."...

7.8CVSS7.9AI score0.02232EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/07/05 7:0 p.m.22 views

CVE-2017-10924

IrfanView 4.44 32bit with FPX Plugin 4.47 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPXGetScanDevicePropertyGroup+0x000000000000a529."...

8.2AI score0.02479EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.122 views

OpenText Documentum Content Server - dm_bp_transition.ebs docbase Method Arbitrary Code Execution

''' CVE Identifier: CVE-2017-7221 Vendor: OpenText Affected products: OpenText Documentum Content Server all versions Researcher: Andrey B. Panfilov Severity Rating: CVSS v3 Base Score: 8.8 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Fix: not available PoC:...

8.8CVSS8.7AI score0.04198EPSS
Exploits5
OSV
OSV
added 2016/11/24 12:0 a.m.32 views

DSA-3724-1 gst-plugins-good0.10 - security update

Bulletin has no description...

9.8CVSS9.7AI score0.09192EPSS
Exploits3
Packet Storm
Packet Storm
added 2016/08/16 12:0 a.m.33 views

Junkware Removal Tool DLL Hijacking

Hi @ll, JRT.exe see 1. is vulnerable to DLL hijacking: see and for these WELL-KNOWN and WELL-DOCUMENTED beginner's errors; 2. creates an unsafe directory "%TEMP%\jrt": see and for these WELL-KNOWN and WELL-DOCUMENTED beginner's errors! An attacker can exploit these vulnerabilities to gain arbitra...

0.3AI score
Exploits0
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.39 views

Amazon Linux: Security Advisory (ALAS-2013-168)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.8AI score0.85882EPSS
Exploits10References2
exploitpack
exploitpack
added 2014/12/29 12:0 a.m.14 views

Bash-CMD-Injection

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment. Modified by JSacco - [email protected] Exploit Pack 2014 How to run: checkCVE20146271.py...

1.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/09/27 12:0 a.m.46 views

dbPowerAmp < 2.0/10.0 - Local Buffer Overflow

dbPowerAmp Buffer Overflow Vendor: Illustrate Product: dbPowerAmp Version: = 2.0/10.0 Website: http://www.dbpoweramp.com BID: 11266 CVE: CVE-2004-1569 OSVDB: 10380 11126 11127 SECUNIA: 12684 PACKETSTORM: 34531 Description: Often called the Swiss Army knife of audio, dMC can digitally rip sound fr...

4CVSS6.5AI score0.04736EPSS
Exploits3
OpenVAS
OpenVAS
added 2014/09/09 12:0 a.m.24 views

Multiple ManageEngine Products 7.0 - 9.0.054 Arbitrary File Upload Vulnerability

Multiple ManageEngine Products are prone to an arbitrary-file-upload vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7.3AI score0.77848EPSS
Exploits13References2
OpenVAS
OpenVAS
added 2013/07/05 12:0 a.m.52 views

RedHat Update for java-1.6.0-openjdk RHSA-2013:1014-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.2AI score0.98704EPSS
Exploits23References4
exploitpack
exploitpack
added 2012/09/04 12:0 a.m.19 views

ThinPrint - tpfc.dll Insecure Library Loading Arbitrary Code Execution

ThinPrint - tpfc.dll Insecure Library Loading Arbitrary Code Execution // source: https://www.securityfocus.com/bid/55421/info ThinPrint is prone to a vulnerability that lets attackers execute arbitrary code. Exploiting this issue allows local attackers to execute arbitrary code with the privileg...

1.2AI score
Exploits0
0day.today
0day.today
added 2012/08/15 12:0 a.m.24 views

globalSCAPE CuteZIP Stack Buffer Overflow

Exploit for windows platform in category local exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...

6.8AI score
Exploits0
Rows per page
Query Builder