CVE-2017-7010

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "libxml2" component. It allows remote...

Buffer Overflow Vulnerability in Multiple Flexense Products

Flexense SyncBreeze Enterprise Client, Disk Sorter Enterprise Clien, and DiskBoss Enterprise Client are all products of Flexense Corporation, USA.Sync Breeze Enterprise Client is Sync Breeze Enterprise Client is a file synchronization solution; Disk Sorter Enterprise Clien is a file classificatio...

Blue Coat ProxyClient Installed (Mac OS X)

Binary data macosxbluecoatproxyclientinstalled.nbin...

The vulnerability of the PHP interpreter, which allows a malicious attacker to trigger a service failure

The cdfreadpropertyinfo function in the cdf.c library of the Fileinfo component of the PHP interpreter has a vulnerability that allows a malicious actor to trigger a service denial using a specially created CDF file...

jq: heap-buffer-overflow in tokenadd() function

A heap-based buffer overflow flaw was found in jq's tokenadd function. By tricking a victim into processing a specially crafted JSON file, an attacker could use this flaw to crash jq or, potentially, execute arbitrary code on the victim's system...

jq: heap-buffer-overflow in tokenadd() function

A heap-based buffer overflow flaw was found in jq's tokenadd function. By tricking a victim into processing a specially crafted JSON file, an attacker could use this flaw to crash jq or, potentially, execute arbitrary code on the victim's system...

libxml2: out-of-bounds memory access when parsing an unclosed HTML comment

It was discovered that libxml2 could access out-of-bounds memory when parsing unclosed HTML comments. A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, could cause the application to disclose heap memory contents...

Amazon Linux AMI : grep (ALAS-2015-598)

An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way grep parsed large lines of data. An attacker able to trick a user into running grep on a specially crafted data file could use this flaw to crash grep or, potentially, execute arbitrary code with the privilege...

grep: Integer overflow leading to heap-based buffer-overflow when reading large lines

An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way grep parsed large lines of data. An attacker able to trick a user into running grep on a specially crafted data file could use this flaw to crash grep or, potentially, execute arbitrary code with the privilege...

CVE-2014-8390

Multiple buffer overflows in Schneider Electric VAMPSET before 2.2.168 allow local users to gain privileges via malformed disturbance-recording data in a 1 CFG or 2 DAT file...

Multiple Cross-Site Scripting Vulnerabilities in amMap

amMap is a map component developed by amCharts. Version 2.6.3 of amMap contains multiple cross-site scripting vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via the datafile or settingsfile parameter of ammapswf...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in amMap 2.6.3 allow remote attackers to inject arbitrary web script or HTML via the 1 datafile or 2 settingsfile parameter to ammap.swf, or 3 the datafile parameter to amtimeline.swf...

HP HP-UX <= 10.34 rlpdaemon Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/150/info A number of vulnerabilities exist in Hewlett Packard's rlpdaemon under HPUX 9.x and 10.x. These vulnerabilities may allow for a remote attacker to access the system under the lp user account, as well as execute...

X.Org xorg-x11-xfs <= 1.0.2-3.1 - Local Race Condition Exploit

No description provided by source. !/bin/sh Xorg-x11-xfs Race Condition Vuln local root exploit CVE-2007-3103 Another lame xploit by vl4dZ : works on redhat el5 and before $ id uid=1001kecos gid=1001user groups=1001user $ sh xfs-RaceCondition-root-exploit.sh Generate large data file in...

Oracle Identity Analytics Detection

Binary data oracleidentityanalyticsdetect.nbin...

UBUNTU-CVE-2014-1604

The parser cache functionality in parsergenerator.py in RPLY aka python-rply before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-.json file with a predictable name...

PicketBox: Insecure storage of masked passwords

PicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users to obtain the admin encryption key by reading the Vault data file...

Shop7z online shopping system v1. 4 vulnerability-vulnerability warning-the black bar safety net

File dataname. asp pathback=LCaserequest. servervariables"QUERYSTRING" if instrpathback,"insert"0 or instrpathback,"update"0 or instrpathback,"delete"0 or instrpathback,""0 or instrpathback,"'"0 or instrpathback," or "0 or instrpathback,"replace"0 or instrpathback,"eval"0 then response. write...

PicketBox: Insecure storage of masked passwords

PicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users to obtain the admin encryption key by reading the Vault data file...

Input validation

PicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users to obtain the admin encryption key by reading the Vault data file...