oXygen XML Editor 21.1.1 - XML External Entity Injection

oXygen XML Editor 21.1.1 - XML External Entity Injection Exploit Title: oXygen XML Editor 21.1.1 - XML External Entity Injection Author: Pablo Santiago Date: 2019-11-13 Vendor Homepage: https://www.oxygenxml.com/ Source:https://www.oxygenxml.com/xmleditor/downloadoxygenxmleditor.html Version:...

CVE-2019-5048

A specifically crafted PDF file can lead to a heap corruption when opened in NitroPDF 12.12.1.522. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need to open the malicious file...

CVE-2019-1010308

Aquaverde GmbH Aquarius CMS prior to version 4.1.1 is affected by: Incorrect Access Control. The impact is: The access to the log file is not restricted. It contains sensitive information like passwords etc. The component is: log file. The attack vector is: open the file...

CVE-2019-1010308

Aquaverde GmbH Aquarius CMS prior to version 4.1.1 is affected by: Incorrect Access Control. The impact is: The access to the log file is not restricted. It contains sensitive information like passwords etc. The component is: log file. The attack vector is: open the file...

CVE-2018-19451

A command injection can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031 when using the Open File action on a Field. An attacker can leverage this to gain remote code execution...

PT-2019-18297 · Bitdefender · Bitdefender Safepay

Name of the Vulnerable Software and Affected Versions: Bitdefender SafePay version 23.0.10.34 Description: This issue allows remote attackers to execute arbitrary code on vulnerable installations. User interaction is required, where the target must visit a malicious page or open a malicious file...

glibc security, bug fix, and enhancement update

2.17-260.0.9 - Regenerate plural.c - OraBug 28806294. - Reviewed-by: Jose E. Marchesi 2.17-260.0.7 - intl: Port to Bison 3.0 - Backport of upstream gettext commit 19f23e290a5e4a82b9edf9f5a4f8ab6192871be9 - OraBug 28806294. - Reviewed-by: Patrick McGehearty 2.17-260.0.5 - Fix dbl-64/wordsize-64...

CVE-2018-11616

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Tencent Foxmail 7.2.9.115. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Yandex Browser Address Bar Spoofing Vulnerability

Yandex Browser is a browser from the Russian company Yandex. A security vulnerability exists in Yandex Browser versions prior to 16.9.0. The vulnerability can be exploited by remote attackers to spoof the contents of the address bar with the help of the window.open file...

Linux Kernel - The Huge Dirty Cow Overwriting The Huge Zero Page (2)

Linux Kernel - The Huge Dirty Cow Overwriting The Huge Zero Page 2 / The code is modified from https://www.exploit-db.com/exploits/43199/ / define GNUSOURCE include include include include include include include include include include include include define TRIESPERPAGE 20000000 define PAGESIZE...

CVE-2015-8966

arch/arm/kernel/sysoabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted 1 FOFDGETLK, 2 FOFDSETLK, or 3 FOFDSETLKW command in an fcntl64 system call...

Linux kernel UNIX Sockets In-Flight FD Limit Security Bypass Vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a program's failure to properly count file descriptors passed over UNIX domain sockets. A local attacker...

PT-2015-6840 · Red Hat +1 · Libreport +2

Name of the Vulnerable Software and Affected Versions: libreport versions 2.0.7 through 2.6.3 Description: The issue allows remote attackers to obtain sensitive information via unspecified vectors related to the backtrace, cmdline, environ, open fds, maps, smaps, hostname, remote, ks.cfg, or...

XCloner Wordpress/Joomla! backup Plugin v3.1.1 (Wordpress) v3.5.1 (Joomla!) Vulnerabilities

Title: XCloner Wordpress/Joomla! backup Plugin v3.1.1 Wordpress v3.5.1 Joomla! Vulnerabilities Author: Larry W. Cashdollar, @larry0 Date: 10/17/2014 Download: https://wordpress.org/plugins/xcloner-backup-and-restore/ Download:...

UBUNTU-CVE-2012-6110

bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor...

CVE-2012-6110

bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor...

WMMon 1.0 b2 Memory Character File Open File Descriptor Read Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5718/info It has been reported that wmmon is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attackers to inherit the open file...

FreeBSD Security Advisory FreeBSD-SA-14:11.sendmail

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:11.sendmail Security Advisory The FreeBSD Project Topic: sendmail improper close-on-exec flag handling Category: contrib Module: sendmail Announced: 2014-06-...

FreeBSD -- sendmail improper close-on-exec flag handling

Problem Description: There is a programming error in sendmail8 that prevented open file descriptors have close-on-exec properly set. Consequently a subprocess will be able to access all open files that the parent process have open. Impact: A local user who can execute their own program for mail...

SeaMonkey < 2.24 Multiple Vulnerabilities

Binary data 8099.prm...