CVE-2017-4915

VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine...

Design/Logic Flaw

VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine...

The installer of Empirical Project Monitor - eXtended may insecurely load Dynamic Link Libraries

Overview The installer of Empirical Project Monitor - eXtended provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Eili Masami of Tachibana Lab. reported this vulnerability to IPA...

VMSA-2017-0009:VMware Workstation update addresses multiple security issues

VMSA-2017-0009 VMware Workstation update addresses multiple security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0009 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware Workstation update addresses multiple security issues...

OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)

An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges...

Microsoft Windows .NET Framework Remote Code Execution Vulnerability

NET Framework is a software framework developed by Microsoft. A remote code execution vulnerability exists when Microsoft .NET Framework does not properly validate input before loading libraries. An attacker could take control of an affected system by exploiting this vulnerability...

Microsoft .NET Framework Remote Code Execution Vulnerability (KB4014983)

This host is missing a critical security update according to Microsoft Security Updates KB4014983 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

CVE-2017-3012

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading DLL hijacking vulnerability in the OCR plugin...

Design/Logic Flaw

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading DLL hijacking vulnerability in a DLL related to remote logging...

Design/Logic Flaw

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading DLL hijacking vulnerability in the OCR plugin...

CVE-2017-3012

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading DLL hijacking vulnerability in the OCR plugin...

Microsoft Skype Insecure Library Loading Vulnerability

Microsoft Skype is prone to insecure library loading vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:skype:skype";...

CVE-2016-8274

Huawei PC client software HiSuite 4.0.5.300OVE has a dynamic link library DLL hijack vulnerability; an attacker can make the system load malicious DLL files to execute arbitrary code...

Adobe Shockwave Player Privilege Escalation Vulnerability

Adobe Shockwave Player is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2017-2983

Adobe Shockwave versions 12.2.7.197 and earlier have an insecure library loading DLL hijacking vulnerability. Successful exploitation could lead to escalation of privilege...

CVE-2017-2983

Adobe Shockwave versions 12.2.7.197 and earlier have an insecure library loading DLL hijacking vulnerability. Successful exploitation could lead to escalation of privilege...

CVE-2017-5235

Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer...

Adobe AIR < 22.0.0.153 RCE (APSB16-23)

Binary data 9974.prm...

Apple iCloud Code Execution And Information Disclosure Vulnerabilities - Windows

Apple iCloud is prone to multiple code execution and information disclosure vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CP...

Adobe Digital Editions Multiple Vulnerabilities (Jun 2017) - Mac OS X

Adobe Digital Edition is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:digitaleditions...