CVE-2018-1000667

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption crashed of nasm when handling a crafted file due to function assemblefileinname, dependptr at asm/nasm.c:482. vulnerability in function assemblefileinname, dependptr at asm/nasm.c:482. that can result in...

libgig heap buffer overflow vulnerability (CNVD-2018-15174)

libgig is a C++ library for loading, modifying existing and creating new Gigasampler .gig files and DLS downloadable sound level 1/2 files, KORG sample-based instruments .KSF and .KMP files, SoundFont v2 .sf2 files and AKAI sampler data. A heap-based buffer overflow vulnerability exists in the...

Cisco WebEx Business Suite meeting sites and WebEx Meetings sites WebEx Recording Format Player information disclosure vulnerability

Cisco WebEx Business Suite meeting sites and WebEx Meetings sites are video conferencing solutions from Cisco.WebEx Recording Format WRF Player is one of the players, which is mainly used to play WRF WebEx Recording Format WRF Player is one of the players, which is mainly used to play the WRF...

CVE-2018-0288

A vulnerability in Cisco WebEx Recording Format WRF Player could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to a...

Microsoft Excel Remote Code Execution Vulnerability (CNVD-2018-08761)

Microsoft Excel 2010 SP2, Excel 2013 RT SP1 and Excel 2013 SP1 are spreadsheet processing software in the Office suite of Microsoft Corporation USA. A remote code execution vulnerability exists in Microsoft Excel 2010 SP2, Excel 2013 RT SP1, and Excel 2013 SP1, which stems from the program failin...

PYSEC-2018-144

The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service excessive memory allocation via a crafted file...

The vulnerability of the WordPad text editor on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the WordPad text editor on the Windows operating system is related to lack of access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code via a specially created file...

SWFTools 'readBlock()' heap buffer read vulnerability

SWFTools is a suite of open source software tools for creating and manipulating SWF files. A heap buffer read vulnerability exists in the 'readBlock' function of the lib/ttf.c file in SWFTools version 0.9.2. The vulnerability can be exploited to cause a heap buffer out-of-bounds read with the hel...

ImageMagick Denial of Service Vulnerability (CNVD-2017-09695)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A denial of service vulnerability exists in the 'LockSemaphoreInfo' function in ImageMagick version 7.0.5-7 Q16. An...

The vulnerability of the console-based graphic editor ImageMagick, which allows a hacker to trigger a service failure

The vulnerability of the ReadJNGImage function in the ImageMagick console graphics editor’s png.c file arises from the execution of an operation outside the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause a service failure loss ...

The vulnerability of the console-based graphic editor ImageMagick, which allows a hacker to trigger a service failure

The vulnerability of the ReadEXRImage function in the exr.c file of the ImageMagick console graphics editor is caused by the execution of an operation outside the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure loss of access to...

The vulnerability of the Android operating system allows a perpetrator to cause the device to freeze and restart.

The vulnerability of the Mediaserver application’s libavc service in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause the device to freeze and restart by using a specially created file...

The vulnerability of the Android operating system, which allows a hacker to trigger memory corruption

The vulnerability of the Mediaserver application in the Android operating system arises from the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause memory corruption during the processing of media files and data using a specially...

The vulnerability of the Android operating system, which allows a hacker to gain access to data beyond their authorized levels of permission

The vulnerability of the AOSP Messaging component in the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to gain access to data beyond their authorized levels of permission, using a specially crafted file...

UBUNTU-CVE-2017-5854

base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted file...

Microsoft Office Memory Corruption Vulnerability (CNVD-2016-12454)

Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. Microsoft Office suffers from a memory corruption vulnerability due to the program's failure to properly...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Microsoft Video Control component of the Windows operating system is related to access control deficiencies. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted file...

The vulnerability of Microsoft Word text editors, which allows a hacker to execute arbitrary code.

The vulnerability of Microsoft Word stems from buffer overflow attacks. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted file...

DEBIAN-CVE-2015-1270

The ucnviogetConverterName function in common/ucnvio.cpp in International Components for Unicode ICU, as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service read of uninitialized memory or...

CVE-2015-2222

ClamAV before 0.98.7 allows remote attackers to cause a denial of service crash via a crafted petite packed file...