59 matches found
CVE-2015-5466
CVE-2015-5466 affects Silicon Integrated Systems’ XGI VGA Display Manager (XGI VGA Display Manager) version 6.14.10.1090 on Windows XP SP3. A vulnerability in the xrvkp module allows an attacker to perform an arbitrary write (write-what-where) via IOCTL 0x96002404, enabling privilege escalation b...
CVE-2015-5466
Silicon Integrated Systems XGI WindowsXP Display Manager aka XGI VGA Driver Manager and VGA Display Manager 6.14.10.1090 allows local users to gain privileges via a crafted 0x96002404 IOCTL call...
Legrand BTicino Driver Manager F454 1.0.51 - Cross-Site Request Forgery / Cross-Site Scripting
Exploit for php platform in category web applications input type="hidden" name="password2" value="newpass1...
Legrand BTicino Driver Manager F454 1.0.51 Authenticated Stored XSS Exploit
Summary Audio/video web server for the remote control of the system using web pages or the MY HOME portal. The device can operate as a gateway for the use of the MHVisual and Virtual Configurator software - 6 DIN modules. It replaces item F453 and F453AV. Description The application suffers from ...
Arbitrary Code Execution
Oracle Java SE is vulnerable to arbitrary code execution attacks. Remote unauthenticated attackers could execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager...
DEBIAN-CVE-2018-7409
In unixODBC before 2.3.5, there is a buffer overflow in the unicodetoansicopy function in DriverManager/info.c...
UBUNTU-CVE-2018-7409
In unixODBC before 2.3.5, there is a buffer overflow in the unicodetoansicopy function in DriverManager/info.c...
CVE-2015-5465
CVE-2015-5465 affects Silicon Integrated Systems Windows XP Display Manager (6.14.10.3930). The vulnerability is a privilege-escalation in the srvkp driver (srvkp.sys) triggered via crafted IOCTL calls 0x96002400 and 0x96002404, enabling memory corruption/write-what-where and potentially arbitrar...
OpenJDK: JDBC driver manager improper toString calls (CanSecWest 2013, Libraries, 8009814)
The Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James...
Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x i386/x86_64 (20130424)
Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. CVE-2013-1569, CVE-2013-2383, CVE-2013-2384 Multiple improper permission check issues were...
OpenJDK: JDBC driver manager improper toString calls (CanSecWest 2013, Libraries, 8009814)
The Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James...
RHEL 6 : java-1.7.0-openjdk (RHSA-2013:0751)
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
CentOS 5 : java-1.7.0-openjdk (CESA-2013:0752)
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
OpenJDK: JDBC driver manager improper toString calls (CanSecWest 2013, Libraries, 8009814)
The Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James...
Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update
Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
OpenJDK: JDBC driver manager improper toString calls (CanSecWest 2013, Libraries, 8009814)
The Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James...
Design/Logic Flaw
The Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James...
CVE-2013-1488
The Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James...
CVE-2013-1488
The Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James...