71 matches found
CVE-2018-9526
In device configuration data, there is an improperly configured setting. This could lead to remote disclosure of device location. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-112159033...
The vulnerability of the Microsoft Office software package arises from improper handling of objects in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Microsoft Office suite is related to improper handling of objects in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted file from a remote location...
CVE-2017-8803
Notepad++ 7.3.3 32-bit with Hex Editor Plugin v0.9.5 might allow user-assisted attackers to execute code via a crafted file, because of a "Data from Faulting Address controls Code Flow" issue. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues...
CVE-2017-8387
STDU Viewer version 1.6.375 might allow user-assisted attackers to execute code via a crafted file. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues several user-defined commands including Ctrl-+ commands...
CVE-2017-8387
STDU Viewer version 1.6.375 might allow user-assisted attackers to execute code via a crafted file. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues several user-defined commands including Ctrl-+ commands...
Design/Logic Flaw
Notepad++ 7.3.3 32-bit with Hex Editor Plugin v0.9.5 might allow user-assisted attackers to execute code via a crafted file, because of a "Data from Faulting Address controls Code Flow" issue. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues...
Design/Logic Flaw
STDU Viewer version 1.6.375 might allow user-assisted attackers to execute code via a crafted file. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues several user-defined commands including Ctrl-+ commands...
CVE-2017-8387
STDU Viewer version 1.6.375 might allow user-assisted attackers to execute code via a crafted file. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues several user-defined commands including Ctrl-+ commands...
CVE-2017-7894
WinDjView 2.1 might allow user-assisted attackers to execute code via a crafted .djvu file, because of a "User Mode Write AV near NULL" in WinDjView.exe. One threat model is a victim who obtains an untrusted .djvu file from a remote location and issues several user-defined commands...
Internet Explorer HTML Help Remote Code Execution (MS05-001) - Ver2 (CVE-2004-1043)
Microsoft Internet Explorer executes with the concept of security zones, which enables the browser to apply different security policies based on the origin of the file that is being rendered. For instance, separate restrictions may be set for remote content and for local content. As a rule,...
[SECURITY] Fedora 20 Update: rdiff-backup-1.2.8-14.fc20
rdiff-backup is a script, written in Python, that backs up one directory to another and is intended to be run periodically nightly from cron for instance. The target directory ends up a copy of the source directory, but extra reverse diffs are stored in the target directory, so you can still...
[SECURITY] Fedora 22 Update: rdiff-backup-1.2.8-14.fc22
rdiff-backup is a script, written in Python, that backs up one directory to another and is intended to be run periodically nightly from cron for instance. The target directory ends up a copy of the source directory, but extra reverse diffs are stored in the target directory, so you can still...
Claroline <= 1.7.6 (includePath) Remote Code Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo Claroline = 1.7.6 \includePath\ remote cmmnds xctn\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n\r\n; echo dork: \Powered by Claroline\ -demo\r\n\r\n; / works with...
IBM Notes Accepts JavaScript Tags Inside HTML Emails
The IBM Notes application installed on the remote Windows host accepts Java applet tags and JavaScript tags inside HTML emails, making it possible to load Java applets and scripts from a remote location. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid66637;...
Joomla! Component JInventory 1.23.02 - Local File Inclusion
Joomla! Component JInventory 1.23.02 - Local File Inclusion --------------------------------------------------------------------------------- Joomla Component JInventory Local File Inclusion --------------------------------------------------------------------------------- Author : Chip D3 Bi0s...
Joomla! Component JInventory 1.23.02 - Local File Inclusion
--------------------------------------------------------------------------------- Joomla Component JInventory Local File Inclusion --------------------------------------------------------------------------------- Author : Chip D3 Bi0s Group : LatinHackTeam Email & msn : [email protected] Date ...
P2GChinchilla HTTP Server 1.1.1 - Denial of Service
!/usr/bin/perl File Name :P2GChinchillaTM HTTP Server Vuln : Remote Denial Of Service Exploit Auther : Zer0 Thunder Msn : [email protected] ==------ Exploit Title: P2GChinchillaTM HTTP Server 1.1.1 Remote Denial Of Service Exploit Date: 22/01/2010 Author: Zer0 Thunder Version: v 1.1....
P2GChinchilla HTTP Server 1.1.1 - Denial of Service
P2GChinchilla HTTP Server 1.1.1 - Denial of Service !/usr/bin/perl File Name :P2GChinchillaTM HTTP Server Vuln : Remote Denial Of Service Exploit Auther : Zer0 Thunder Msn : [email protected] ==------ Exploit Title: P2GChinchillaTM HTTP Server 1.1.1 Remote Denial Of Service Exploit...
openSUSE 10 Security Update : flash-player (flash-player-3889)
The Adobe Flash Player was updated to version 7.0.70.0 on SUSE Linux 10.0 and to version 9.0.48.0 on SUSE Linux 10.1 and openSUSE 10.2 to fix several security problems : CVE-2007-3456: An input validation error has been identified in Flash Player 9.0.45.0 and earlier versions that could lead to t...
SUSE-SA:2006:053: flash-player
The remote host is missing the patch for the advisory SUSE-SA:2006:053 flash-player. Multiple input validation errors have been identified in the Macromedia Flash Player that could lead to the potential execution of arbitrary code. These vulnerabilities could be accessed through content delivered...