2019 matches found

BDU FSTEC
added 2018/12/18 12:0 a.m. | 6 views

The vulnerability of the console-based graphic editor ImageMagick, related to improper memory management, allows a hacker to cause a system failure or execute arbitrary code.

The vulnerability of the console-based graphic editor ImageMagick is related to improper memory handling. Exploiting this vulnerability can allow a remote attacker to cause service failures or execute arbitrary code...

6.5 CVSS | 7 AI score | 0.0215 EPSS
Exploits: 1 | References: 4 | Affected Software: 1
BDU FSTEC
added 2018/12/18 12:0 a.m. | 3 views

The vulnerability of the openslp-dfsg package, related to memory-related errors, allows a perpetrator to cause a service failure, gain access to confidential data, or compromise its integrity.

The vulnerability of the openslp-dfsg package is related to memory-related errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

9.8 CVSS | 8 AI score | 0.0389 EPSS
Exploits: 0 | References: 5 | Affected Software: 1
RedHat Linux
added 2018/12/13 3:15 p.m. | 5 views

postgresql: Uncontrolled search path element in pg_dump and other client applications

A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database...

8.8 CVSS | 7.3 AI score | 0.14142 EPSS
Exploits: 1 | References: 5
Zero Day Initiative
added 2018/12/12 12:0 a.m. | 26 views

Adobe Acrobat Pro DC search Javascript Restrictions Bypass Vulnerability

This vulnerability allows remote attackers to bypass Javascript API restrictions on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

4.2 CVSS | 2.2 AI score | 0.06415 EPSS
Exploits: 0 | References: 1
Zero Day Initiative
added 2018/12/12 12:0 a.m. | 20 views

Adobe Acrobat Pro DC ImageConversion XPS GSUB Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.4 CVSS | 2.1 AI score | 0.03774 EPSS
Exploits: 0 | References: 1
Zero Day Initiative
added 2018/12/12 12:0 a.m. | 20 views

Adobe Acrobat Pro DC WebLink borderWidth Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

7.8 CVSS | 1.6 AI score | 0.04875 EPSS
Exploits: 0 | References: 1
CNVD
added 2018/12/11 12:0 a.m. | 2 views

Memory corruption vulnerability in Adobe Acrobat and Reader (CNVD-2018-26530)

Adobe Acrobat and Reader are products of Adobe, a company based in the United States of America. The former is a set of PDF file editing and conversion tools; the latter is PDF document reading software. Adobe Acrobat and Reader contain memory corruption vulnerabilities; attackers can control the...

5.5 CVSS | 7.8 AI score | 0.02858 EPSS
Exploits: 0
CNVD
added 2018/12/11 12:0 a.m. | 2 views

Buffer Overflow Vulnerability in Adobe Acrobat and Reader

Adobe Acrobat and Reader are products of Adobe, a company based in the United States of America. The former is a set of PDF file editing and conversion tools; the latter is PDF document reading software. Adobe Acrobat and Reader have a heap buffer overflow vulnerability that can be exploited ...

9.3 CVSS | 8.1 AI score | 0.03117 EPSS
Exploits: 0
NVD
added 2018/11/27 5:29 p.m. | 21 views

CVE-2018-6983

VMware Workstation 15.x before 15.0.2 and 14.x before 14.1.5 and Fusion 11.x before 11.0.2 and 10.x before 10.1.5 contain an integer overflow vulnerability in the virtual network devices. This issue may allow a guest to execute code on the host...

8.8 CVSS | 8.8 AI score | 0.00452 EPSS
Exploits: 0 | References: 2
NVD
added 2018/11/05 11:29 p.m. | 26 views

CVE-2018-17913

A type confusion vulnerability exists when processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, which may allow an attacker to execute code in the context of the application...

7.8 CVSS | 7.7 AI score | 0.01627 EPSS
Exploits: 0 | References: 2
OSV
added 2018/10/31 10:29 p.m. | 1 views

DEBIAN-CVE-2018-14651

It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. A remote, authenticated attacker could use one of these flaws to execute arbitrary code, create arbitrary files, or cause denial of service on glusterfs server nodes vi...

8.8 CVSS | 8.8 AI score | 0.03225 EPSS
Exploits: 0 | References: 1
RedHat Linux
added 2018/10/31 8:43 a.m. | 1 views

glusterfs: glusterfs server exploitable via symlinks to relative paths

It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. A remote, authenticated attacker could use one of these flaws to execute arbitrary code, create arbitrary files, or cause denial of service on glusterfs server nodes vi...

8.8 CVSS | 7.6 AI score | 0.03336 EPSS
Exploits: 0 | References: 4
Positive Technologies
added 2018/10/31 12:0 a.m. | 5 views

PT-2018-4930 · Unknown +2 · Cfme +3

Name of the Vulnerable Software and Affected Versions: No specific software or version information is provided. Description: A code injection flaw was found in the way capacity and utilization imported control files are processed. This could allow a remote, authenticated attacker with access to t...

9 CVSS | 8.8 AI score | 0.05931 EPSS
Exploits: 0 | References: 5
Prion
added 2018/10/17 2:29 a.m. | 17 views

Code injection

LAquis SCADA Versions 4.1.0.3870 and prior, when processing project files the application fails to sanitize user input prior to performing write operations on a stack object, which may allow an attacker to execute code under the current process...

6.8 CVSS | 7.9 AI score | 0.01567 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
Cvelist
added 2018/10/16 8:0 p.m. | 18 views

CVE-2018-6974

VMware ESXi 6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG, Workstation 14.x before 14.1.3 and Fusion 10.x before 10.1.3 contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host...

8.7 AI score | 0.00475 EPSS
Exploits: 0 | References: 4
NVD
added 2018/10/16 7:29 p.m. | 15 views

CVE-2018-6974

VMware ESXi 6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG, Workstation 14.x before 14.1.3 and Fusion 10.x before 10.1.3 contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host...

8.8 CVSS | 8.7 AI score | 0.00475 EPSS
Exploits: 0 | References: 4
Zero Day Initiative
added 2018/10/11 12:0 a.m. | 24 views

Foxit Reader XFA TimeField resolveNode Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.8 CVSS | 1.8 AI score | 0.03918 EPSS
Exploits: 0 | References: 1
Tenable Nessus
added 2018/10/09 12:0 a.m. | 36 views

openSUSE Security Update : ghostscript (openSUSE-2018-1122)

This update for ghostscript to version 9.25 fixes the following issues. These security issues were fixed: - CVE-2018-17183: Remote attackers were able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code bsc1109105 - CVE-2018-15909: Prevent type...

9.3 CVSS | 7 AI score | 0.92499 EPSS
Exploits: 5 | References: 33
OSV
added 2018/10/05 2:29 p.m. | 2 views

CVE-2018-15430

A vulnerability in the administrative web interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to execute code with user-level privileges on the underlying operating system. The vulnerability is due to insufficien...

7.2 CVSS | 6 AI score | 0.02874 EPSS
Exploits: 0 | References: 2
Prion
added 2018/10/05 2:29 p.m. | 18 views

Input validation

A vulnerability in the administrative web interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to execute code with user-level privileges on the underlying operating system. The vulnerability is due to insufficien...

6.5 CVSS | 7.1 AI score | 0.02874 EPSS
Exploits: 0 | References: 2 | Affected Software: 1