EulerOS 2.0 SP3 : zsh (EulerOS-SA-2018-1396)

According to the versions of the zsh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - zsh: buffer overflow for very long fds in i1/4zi1/4+ fd syntax CVE-2014-10071 - zsh: buffer overflow when scanning very long directory paths for...

Scientific Linux Security Update : zsh on SL7.x x86_64 (20181030)

Security Fixes : - zsh: Stack-based buffer overflow in genmatchesfiles at compctl.c CVE-2018-1083 - zsh: buffer overflow for very long fds in & fd syntax CVE-2014-10071 - zsh: buffer overflow when scanning very long directory paths for symbolic links CVE-2014-10072 - zsh: NULL dereference in cd i...

7-Technologies IGSS Vulnerabilities

Overview This advisory is a follow-up to ICS-ALERT-11-080-03 7-Technologies IGSS Vulnerabilities, published on the ICS-CERT Web site on March 20, 2011. An independent researcher has identified eight vulnerabilities in 7-Technologies 7T IGSS SCADA human-machine interface HMI application. Each of t...

Scientific Linux Security Update : zsh on SL6.x i386/x86_64 (20180619)

Security Fixes : - zsh: Stack-based buffer overflow in genmatchesfiles at compctl.c CVE-2018-1083 - zsh: buffer overflow when scanning very long directory paths for symbolic links CVE-2014-10072 - zsh: buffer overrun in symlinks CVE-2017-18206 - zsh: buffer overflow in utils.c:checkmailpath can...

SUSE SLES11 Security Update : zsh (SUSE-SU-2018:1037-1)

This update for zsh fixes the following issues : - CVE-2018-1100: Fixed a buffer overflow in utils.c:checkmailpath that could lead to local arbitrary code execution bsc1089030 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...

CVE-2017-0544

An elevation of privilege vulnerability in CameraBase could enable a local malicious application to execute arbitrary code. This issue is rated as High because it is a local arbitrary code execution in a privileged process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1...

Hancom Office 2014 VP Local Arbitrary Code Execution Vulnerability (CNVD-2016-06354)

Hancom Office 2014 VP is a cloud storage service solution developed by Hancom Korea. Hancom Office 2014 VP suffers from a local arbitrary code execution vulnerability that could be exploited by a local attacker to execute arbitrary code in the context of the application or conduct a denial of...

Hancom Office 2014 VP Local Arbitrary Code Execution Vulnerability (CNVD-2016-06353)

Hancom Office 2014 VP is a cloud storage service solution developed by Hancom Korea. Hancom Office 2014 VP suffers from a local arbitrary code execution vulnerability that could be exploited by a local attacker to execute arbitrary code in the context of the application or conduct a denial of...

Hancom Office 2014 VP Local Arbitrary Code Execution Vulnerability (CNVD-2016-06356)

Hancom Office 2014 VP is a cloud storage service solution developed by Hancom Korea. Hancom Office 2014 VP suffers from a local arbitrary code execution vulnerability that could be exploited by a local attacker to execute arbitrary code in the context of the application or conduct a denial of...

Fedora 22 : php-ZendFramework2-2.4.8-1.fc22 (2015-16034)

Zend Framework 2.4.8 Security Update ZF2015-07: The filesystem storage adapter of Zend\Cache was creating directories with a liberal umask that could lead to local arbitrary code execution and/or local privilege escalation. This release contains a patch that ensures the directories are created...

Oracle Berkeley DB Local Arbitrary Code Execution Vulnerability (CNVD-2015-04777)

Oracle Berkeley DB is the industry-leading open source, embeddable storage engine that provides developers with a fast, reliable native database that requires no administration. A security vulnerability exists in the Oracle Berkeley DB Data Store component that can be exploited by a local attacke...

Oracle Berkeley DB Local Arbitrary Code Execution Vulnerability (CNVD-2015-04782)

Oracle Berkeley DB is the industry-leading open source, embeddable storage engine that provides developers with a fast, reliable native database that requires no administration. A security vulnerability exists in the Oracle Berkeley DB Data Store component that can be exploited by a local attacke...