ImageMagick exceeds the range of representable values of type 'unsigned long' Vulnerability

ImageMagick is a software for creating, editing, and composing images that can read, convert, and write images in many formats. A vulnerability exists in MagickCore/statistic.c in versions of ImageMagick prior to 7.0.8-69 that exceeds the range of representable values of type 'unsigned long'. An...

ImageMagick Studio ImageMagick 数字错误漏洞

ImageMagick is a software for creating, editing, and composing images that can read, convert, and write images in many formats. A numeric error vulnerability exists in MagickCore/gem-private.h in versions of ImageMagick prior to 7.0.9-0. An attacker can exploit this vulnerability by submitting a...

Vulnerability of the Microsoft Graphics component in the Windows operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Microsoft Graphics component in the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted file...

CVE-2020-1564

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to...

The vulnerability of the parse_report() function in the whoopsie error logging service allows a violator to trigger a service failure.

The vulnerability of the parsereport function in the whoopsie error reporting service is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a perpetrator to cause a service failure using a specially crafted file...

The vulnerability of the Windows Jet Database Engine database management system allows a hacker to execute arbitrary code.

The vulnerability of the Windows Jet Database Engine database management system in Windows operating systems is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...

The vulnerability of Microsoft Office, Microsoft Word, and Microsoft SharePoint packages lies in the improper handling of objects in memory, which allows an attacker to execute arbitrary code.

The vulnerability of Microsoft Office, Microsoft Word, and Microsoft SharePoint programs is related to incorrect handling of objects in memory. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code using a specially created file...

Microsoft Outlook Remote Code Execution Vulnerability (CNVD-2020-45313)

Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. A remote code execution vulnerability exists in Microsoft Outlook, which arises from the program's failure to properly handle objects in memory. An attacker can exploit the vulnerability by means of a special...

The vulnerability of the Windows Jet Database Engine component of the operating system allows a perpetrator to execute arbitrary code.

The vulnerability of the Windows Jet Database Engine component of the Windows operating system is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially crafted file...

Microsoft Excel Buffer Overflow Vulnerability (CNVD-2020-41714)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A buffer overflow vulnerability exists in Microsoft Excel, which results from the program failing to properly handle memory objects. The vulnerability can be exploited to execute arbitrary code in the...

The vulnerability of the gtbl document editing tool from the groff package, related to errors in pointer arithmetic, allows a perpetrator to trigger a service failure.

The vulnerability of the gtbl document editing tool from the groff package is related to errors in pointer manipulation at address 0x0000000000409400. Exploiting this vulnerability could allow an attacker to cause a service failure by passing a specially crafted file as an argument to the command...

The vulnerability of the __strlen_sse2_pminub function in the infotocap utility from the ncurses-bin package allows a hacker to cause a service failure.

The vulnerability of the strlensse2pminub function located in the file sysdeps/x8664/multiarch/strlen-sse2-pminub.S:39 in the infotocap utility from the ncurses-bin package is related to errors in pointer arithmetic. Exploiting this vulnerability could allow an attacker to cause a system failure ...

libpng: use-after-free in png_image_free in png.c

A vulnerability was found in libpng where a use-after-free issue exists in the pngimagefree function within png.c. This vulnerability can be exploited by persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause a denial of service...

Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability

Microsoft Office is an office software suite product. A remote code execution vulnerability exists in Microsoft Office Access Connectivity Engine. An attacker can exploit the vulnerability to execute arbitrary code via a constructed file...

The vulnerability of the Jet Database Engine database management system in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Jet Database Engine database management system in the Windows operating system arises from an operation that goes beyond the buffer in memory. Exploiting this vulnerability allows a attacker to execute arbitrary code using a specially crafted file...

AdvanceCOMP Invalid Memory Access Vulnerability

AdvanceCOMP is a set of cross-platform command-line data compression tools. An invalid memory access vulnerability exists in the advpngunfilter8 function in png.c in AdvanceCOMP 2.1. An attacker can exploit this vulnerability to cause a denial of service segmentation error or possibly other impac...

The vulnerability of the Microsoft JET Database Engine database driver on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft JET Database Engine database driver for the Windows operating system exists due to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...

Microsoft Word Remote Code Execution Vulnerability (CNVD-2019-14465)

Microsoft Word is a word processor application developed by Microsoft. A remote code execution vulnerability exists in Microsoft Word that stems from the software's failure to properly handle objects in memory and can be exploited by an attacker using a specially crafted file to perform an...

The vulnerability of Microsoft Excel’s spreadsheet editor, related to errors in memory object handling, allows a hacker to execute arbitrary code.

The vulnerability of Microsoft Excel editors is related to errors in memory object handling. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code with user privileges using a specially crafted file...

CVE-2018-16770

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because a certain newallocator allocate call fails...