The vulnerability of the anti-virus software programs Quick Heal Internet Security, Quick Heal Total Security, and Quick Heal AntiVirus Pro allows a hacker to cause memory corruption.

The vulnerability of the anti-virus software programs Quick Heal Internet Security, Quick Heal Total Security, and Quick Heal AntiVirus Pro arises from an operation that goes beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause memor...

Exploit for CVE-2017-8570

PoC exploit for CVE-2017-8570. The exploit toolkit, CVE-2017-8570, is a Python script designed to generate malicious PPSX files that can deliver payloads to users. It can be used in two scenarios: delivering local payloads or remote payloads. To deliver local payloads, the script generates a...

The vulnerability of the WordPad text editor on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the WordPad text editor on the Windows operating system is related to lack of access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code via a specially created file...

SWFTools 'readBlock()' heap buffer read vulnerability

SWFTools is a suite of open source software tools for creating and manipulating SWF files. A heap buffer read vulnerability exists in the 'readBlock' function of the lib/ttf.c file in SWFTools version 0.9.2. The vulnerability can be exploited to cause a heap buffer out-of-bounds read with the hel...

CVE-2017-9880

IrfanView version 4.44 32bit with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at FPX+0x0000000000007236."...

CVE-2017-9872

The IIIdequantizesample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file...

CVE-2017-8464

Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK fil...

ImageMagick Denial of Service Vulnerability (CNVD-2017-09695)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A denial of service vulnerability exists in the 'LockSemaphoreInfo' function in ImageMagick version 7.0.5-7 Q16. An...

The vulnerability of the console-based graphic editor ImageMagick, which allows a hacker to trigger a service failure

The vulnerability of the ReadJNGImage function in the ImageMagick console graphics editor’s png.c file arises from the execution of an operation outside the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause a service failure loss ...

The vulnerability of the console-based graphic editor ImageMagick, which allows a hacker to trigger a service failure

The vulnerability of the ReadEXRImage function in the exr.c file of the ImageMagick console graphics editor is caused by the execution of an operation outside the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure loss of access to...

The vulnerability of the Android operating system allows a perpetrator to cause the device to freeze and restart.

The vulnerability of the Mediaserver application’s libavc service in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause the device to freeze and restart by using a specially created file...

The vulnerability of the Android operating system allows a perpetrator to cause the device to freeze and restart.

The vulnerability of the Mediaserver application’s libavc service in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause the device to freeze and restart by using a specially created file...

CVE-2017-5047

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer...

The vulnerability of the iOS operating system and the Mac OS X operating system allows attackers to trigger a service failure or execute arbitrary code.

The vulnerability of the FontParser component in the iOS operating system and the Mac OS X operating system arises from the execution of an operation beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure memory...

Vulnerabilities of iOS and Mac OS X operating systems, which allow attackers to trigger service failures or obtain confidential information

The vulnerability of the CoreText component in iOS and Mac OS X operating systems arises from the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to obtain confidential information or cause service failures such as reading...

The vulnerability of the Android operating system, which allows a hacker to gain access to data beyond their authorized levels of permission

The vulnerability of the AOSP Messaging component in the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to gain access to data beyond their authorized levels of permission, using a specially crafted file...

The vulnerability of the Android operating system, which allows a hacker to trigger memory corruption

The vulnerability of the Mediaserver application in the Android operating system arises from the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause memory corruption during the processing of media files and data using a specially...

UBUNTU-CVE-2017-5854

base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted file...

CVE-2015-8750

libdwarf 20151114 and earlier allows remote attackers to cause a denial of service NULL pointer dereference and crash via a debugabbrev section marked NOBITS in an ELF file...

MGASA-2017-0046 Updated audacious-plugins packages fix security vulnerability

Chris Evans discovered that incorrect emulation of the SPC700 audio co-processor of the Super Nintendo Entertainment System allows the execution of arbitrary code if a malformed SPC music file is opened CVE-2016-9957, CVE-2016-9958, CVE-2016-9959, CVE-2016-9960, CVE-2016-9961. These issues were...