86 matches found
Git Denial of Service Vulnerability
Git is a free, open source distributed version control system developed by American software developer Linus Torvalds Linus Torvalds. A security vulnerability exists in Git 2.14.2 and earlier versions, which stems from the program's failure to properly handle the tree object layer. A remote...
i-SENS SmartLog Diabetes Management Software Code Execution Vulnerability
SmartLog Diabetes Management Software is software used to track and monitor an individual's blood glucose levels by connecting a glucose meter to a computer via USB. A code execution vulnerability exists in i-SENS SmartLog Diabetes Management Software, which allows an attacker to execute arbitrar...
Security update for samba (important)
This update for samba fixes the following issue: - An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as 'root'. CVE-2017-7494, bso12780, bsc1038231 This update was...
The vulnerability of the Skype instant messaging program allows a hacker to execute arbitrary code.
The vulnerability of the Skype instant messaging program is related to the limitation on the download of external libraries. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted library named api-ms-win-core-winrt-string-l1-1-0.dll, which is...
Advantech WebAccess Buffer Overflow Vulnerability
Advantech WebAccess formerly known as BroadWin WebAccess is a set of HMI/SCADA software based on browser architecture from Advantech. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A buffer...
CVE-2015-3715
The code-signing implementation in Apple OS X before 10.10.4 does not properly consider libraries that are external to an application bundle, which allows attackers to bypass intended launch restrictions via a crafted library...
CVE-2014-2591
Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting...
Design/Logic Flaw
Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting...
CVE-2014-2591
Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting. Recent assessments: timb-machine at March 05, 2021 12:48am UTC reported: Assessed Attacker Value: 5 Assessed Attacker Value: 5Assess...
CVE-2014-2591
Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting...
CVE-2014-2591
CVE-2014-2591 affects BMC Patrol for AIX 3.9.00 and is caused by an incorrect RPATH setting that enables untrusted search path exploitation. This allows local users to gain privileges by loading a crafted library. The vulnerability is a local privilege escalation risk due to insecure runtime libr...
CVE-2014-1882
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses bridge JavaScript objects, as demonstrated...
Code injection
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain amount of time for an OnJsPrompt handler...
Code injection
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses bridge JavaScript objects, as demonstrated...
CVE-2014-1882
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses bridge JavaScript objects, as demonstrated...
CVE-2014-1881
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain amount of time for an OnJsPrompt handler...
CVE-2014-1882
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses bridge JavaScript objects, as demonstrated...
CVE-2014-1882
Affected software: Apache Cordova 3.3.0 and earlier; Adobe PhoneGap 2.9.0 and earlier. Root cause: An event-based bridge can be bypassed via a crafted library clone that uses IFRAME script execution to directly access bridge JavaScript objects, demonstrated by cordova.require calls. Impact: Remot...
CVE-2014-1881
CVE-2014-1881 affects Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier. The vulnerability arises in an event-based bridge technique where a crafted library clone can trigger IFRAME script execution and waits for an OnJsPrompt handler return value to bypass intended device-res...
GLSA-201402-05 : Banshee: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-201402-05 Banshee: Arbitrary code execution Banshee places a zero-length directory name in PATH, which allows libraries to be loaded from the working directory. Impact : A local attacker could put specially crafted library into...