64 matches found
Remote Code Execution (RCE)
post-loader is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization in an unsecure parser which allows an attacker to execute maliciously crafted script in the system...
PT-2022-13408 · Unknown · Post-Loader
Name of the Vulnerable Software and Affected Versions: post-loader versions 0.0.0 and later Description: The issue concerns the post-loader package, which is a webpack loader for blog posts written in Markdown. It is vulnerable to Arbitrary Code Execution due to the use of a markdown parser in an...
CVE-2021-38005
Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Google Chrome 资源管理错误漏洞
Chrome is a simple and efficiently designed web browsing tool developed by Google. A post-release reuse vulnerability exists in the loader in versions of Google Chrome prior to 96.0.4664.45. An attacker could use this vulnerability to potentially exploit heap corruption via a crafted HTML page...
UBUNTU-CVE-2020-24742
An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files...
PT-2021-20430 · Siemens · Jt2Go +1
Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V13.2 Teamcenter Visualization versions prior to V13.2 Description: A vulnerability has been identified in the Tiff loader.dll library, which lacks proper validation of user-supplied data when parsing TIFF files. This...
Nvidia NVIDIA MB2 缓冲区错误漏洞
Nvidia NVIDIA MB2 is a component of Nvidia Corporation, USA. NVIDIA MB2 suffers from a buffer error vulnerability that stems from the boot loader containing a vulnerability in NVIDIA MB2, where a potential heap overflow could result in heap metadata corruption. An attacker could exploit the...
Google Chrome post-release reuse vulnerability (CNVD-2021-43405)
Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A post-release reuse vulnerability exists in Loader in versions prior to Google Chrome 91.0.4472.101. No detailed vulnerability details are provided at this time...
The vulnerability of the implementation of the dynamic memory distribution function in the Grub2 operating system’s loader allows a attacker to influence the integrity, confidentiality, and accessibility of information.
The vulnerability of the implementation of the dynamic memory distribution function in the Grub2 operating system’s loader is related to integer overflow. Exploiting this vulnerability could allow an attacker to influence the integrity, confidentiality, and accessibility of information...
The vulnerability in the implementation of the read_section_as_string() function of the Grub2 operating system allows a attacker to influence data integrity or cause service failures.
The vulnerability of the readsectionasstring function in the Grub2 operating system’s loader is related to the issue of data operations going beyond the buffer boundaries. This is because the maximum length of a UINT32MAX is 1 byte. Exploiting this vulnerability could allow an attacker to influen...
Das U-Boot Buffer Overflow Vulnerability (CNVD-2019-34819)
Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer system architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios and MicroBlaze. A buffer overflow vulnerability exists in Das U-Boot. An attacker could exploit this vulnerability to...
Unspecified Vulnerability in Oracle Hospitality Simphony (CNVD-2018-09086)
Oracle Hospitality Simphony provides a modern user experience that delivers relevant information to guests through smooth, real-time tiled presentations. An unspecified vulnerability exists in the Client Application Loader component in Oracle Hospitality Simphony. An attacker could exploit this...
The vulnerability of the initial loader of devices running the HTC Android operating system allows a hacker to increase their privileges.
The vulnerability of the initial loader on HTC Android devices is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
The vulnerability of the Android operating system’s loader from the CAF repository allows a hacker to execute arbitrary code within the kernel context.
The vulnerability of the Android operating system’s loader from the CAF repository is caused by a numerical overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code within the kernel context...
Vulnerability in the Android operating system’s loader, allowing a hacker to gain access to resources
The vulnerability in the Android operating system’s loader is related to incorrect initialization of resources. Exploiting this vulnerability can allow a remote attacker to gain access to these resources...
UBUNTU-CVE-2017-8400
In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function pngload in lib/png.c:755. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS; it might cause arbitrary code execution...
The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code
The vulnerability of the Qualcomm Android operating system’s loader is related to the lack of protection for service data. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code within the loader context. This issue is considered “high” because it represents a...
The vulnerability of the Android operating system, allowing a hacker to execute arbitrary commands
The vulnerability of the initial loader of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a local attacker to execute arbitrary commands on the device’s modem. This issue is considered “high” because it causes continuous service...
USN-3186-1 iucode-tool vulnerability
It was discovered that iucode-tool incorrectly handled certain microcodes when using the -tr loader. If a user were tricked into processing a specially crafted microcode, a remote attacker could use this issue to cause iucode-tool to crash, resulting in a denial of service, or possibly execute...
MS07-040: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212) (uncredentialed check)
The remote web server is running a version of the ASP.NET framework that contains multiple vulnerabilities : - A PE Loader vulnerability could allow an attacker to execute arbitrary code with the privilege of the logged-on user. - A ASP.NET NULL byte termination vulnerability could allow an...