4290 matches found
Parallels Desktop xHCI Component Input Validation Error Vulnerability
Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Corel Canada. An input validation error vulnerability exists in the xHCI component of Corel Parallels Desktop version 15.1.2-47123, which stems from the program not properly validating user-submitted data. ...
SUSE-SU-2020:14290-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Firefox was updated to version 68.5.0 ESR bsc1163368. Security issues fixed: - CVE-2020-6796: Fixed a missing bounds check on shared memory in the parent process bsc1163368. - CVE-2020-6798: Fixed a JavaScript code injection issue caused ...
IBM DB2 Buffer Overflow Vulnerability (CNVD-2020-10506)
IBM DB2 is a set of relational database management system from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A buffer overflow vulnerability exists in IBM DB2 including DB2 Connect Server that originates from th...
OPENSUSE-SU-2020:0209-1 Security update for libqt5-qtbase
This update for libqt5-qtbase fixes the following issues: Security issue fixed: - CVE-2020-0569: Fixed a potential local code execution by loading plugins from CWD bsc1161167. Other issue fixed: - Fixed comboboxes not showing in correct location bsc1158667. This update was imported from the...
SUSE-SU-2020:0349-1 Security update for libqt5-qtbase
This update for libqt5-qtbase fixes the following issues: - CVE-2020-0569: Fixed a potential local code execution by loading plugins from CWD bsc1161167...
SUSE-SU-2020:0346-1 Security update for libqt5-qtbase
This update for libqt5-qtbase fixes the following issues: Security issue fixed: - CVE-2020-0569: Fixed a potential local code execution by loading plugins from CWD bsc1161167. Other issue fixed: - Fixed comboboxes not showing in correct location bsc1158667...
SUSE SLED12 / SLES12 Security Update : libqt5-qtbase (SUSE-SU-2020:0317-1)
This update for libqt5-qtbase fixes the following issues : Security issues fixed : CVE-2020-0569: Fixed a potential local code execution by loading plugins from CWD bsc1161167. CVE-2018-19870: Fixed an improper check in QImage allocation which could allow Denial of Service when opening crafted gi...
SUSE-SU-2020:0319-1 Security update for libqt5-qtbase
This update for libqt5-qtbase fixes the following issue: Security issues fixed: - CVE-2020-0569: Fixed a potential local code execution by loading plugins from CWD bsc1161167. - CVE-2018-19870: Fixed an improper check in QImage allocation which could allow Denial of Service when opening crafted g...
SUSE-SU-2020:0318-1 Security update for libqt5-qtbase
This update for libqt5-qtbase fixes the following issue: Security issue fixed: - CVE-2020-0569: Fixed a potential local code execution by loading plugins from CWD bsc1161167. - CVE-2018-19870: Fixed an improper check in QImage allocation which could allow Denial of Service when opening crafted gi...
SUSE-SU-2020:0317-1 Security update for libqt5-qtbase
This update for libqt5-qtbase fixes the following issues: Security issues fixed: - CVE-2020-0569: Fixed a potential local code execution by loading plugins from CWD bsc1161167. - CVE-2018-19870: Fixed an improper check in QImage allocation which could allow Denial of Service when opening crafted...
DEBIAN-CVE-2014-8321
Stack-based buffer overflow in the gpstracker function in airodump-ng.c in Aircrack-ng before 1.2 RC 1 allows local users to execute arbitrary code or gain privileges via unspecified vectors...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2019-2294)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-17634
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cross site scripting XSS vulnerability when generating an HTML report from a malicious heap dump. The user must chose todownload, open the malicious heap dump and generate an HTML report for the problem to occur. The heap dump coul...
CVE-2019-18996
Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application’s context...
CVE-2019-4606
IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 could allow a local attacker to execute arbitrary code on the system, caused by an untrusted search path vulnerability. By using a executable file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM...
PT-2019-17139 · Ibm · Ibm Db2 High Performance Unload
Name of the Vulnerable Software and Affected Versions: IBM DB2 High Performance Unload load for LUW versions 6.1 through 6.5 Description: The issue is caused by an untrusted search path vulnerability, allowing a local attacker to execute arbitrary code on the system. An attacker could exploit thi...
CVE-2019-3667
DLL Search Order Hijacking vulnerability in the Microsoft Windows client in McAfee Tech Check 3.0.0.17 and earlier allows local users to execute arbitrary code via the local folder placed there by an attacker...
McAfee Tech Check DLL Search Order Hijacking Vulnerability
McAfee Tech Check is a computer software and hardware scanning and diagnostic application from the U.S. company McAfee McAfee. McAfee Tech Check 3.0.0.17 and earlier versions contain a DLL search order hijacking vulnerability that can be exploited by a local attacker to execute arbitrary code via...
CVE-2012-1592
A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files...
CVE-2012-1592
A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files...