207 matches found
GNU Bash Local Command Execution Vulnerability
GNU Bash is a shell command language interpreter written by American software developer Brian J. Fox for the GNU Project, which runs on Unix-like operating systems the default shell for Linux systems and is capable of reading from, and executing commands from, a standard input device or file, as...
Dropbear SSH Format String Vulnerability
Dropbear is a relatively small SSH server and client. Dropbear SSH suffers from a format string vulnerability that allows an attacker to execute arbitrary code within the context of the application...
TYPO3 Frontend User Registration Remote Command Execution Vulnerability
TYPO3 is a free and open source content management system. A remote command execution vulnerability exists in TYPO3 Frontend User Registration. A remote attacker could exploit the vulnerability to execute arbitrary code within the context of the application. A successful attack would corrupt the...
Foxit Reader and PhantomPDF Remote Command Execution Vulnerability
Foxit Reader is China's Foxit Foxit Software Corporation produced a small PDF document viewing and printing program, PhantomPDF is a commercial version. A remote command execution vulnerability exists in Foxit Reader and PhantomPDF that could be exploited to allow an attacker to execute arbitrary...
ownCloud Desktop Client Local Command Injection Vulnerability
The ownCloud Desktop Client is a desktop client for connecting to OwnCloud servers. The ownCloud Desktop Client local command injection vulnerability allows an attacker to exploit the vulnerability to execute arbitrary script code in the context of an affected application...
ownCloud Arbitrary File Read Vulnerability
OwnCloud is a free and open source personal cloud storage solution from German company OwnCloud. The solution offers file management, music storage, calendars and more. A security vulnerability exists in ownCloud. A remote attacker can exploit the vulnerability to read arbitrary files in the...
Kaspersky Internet Security for Mac Memory Corruption Vulnerability
Kaspersky Internet Security is a suite of security software that combines antivirus and firewall features. Kaspersky Internet Security for Mac suffers from a memory corruption vulnerability that could be exploited by an attacker to execute arbitrary code in the context of an application...
Apple QuickTime Memory Corruption Vulnerability (CNVD-2015-04260)
Apple QuickTime is a popular multimedia player. A vulnerability in Apple QuickTime's handling of special movie files allows remote attackers to construct malicious files that can be tricked into being parsed by an application, which can execute arbitrary code in the application context...
SQL Buddy 'page' Parameter Directory Traversal Vulnerability
SQL Buddy is a nice lightweight ajax database management tool. A directory traversal vulnerability exists in SQL Buddy. A remote attacker can exploit this vulnerability by sending a specially crafted request with the directory traversal character '...' A remote attacker can exploit this...
Telerik Analytics Monitor Library Search Path Vulnerability
Telerik Analytics Monitor Library is a library for third-party application analytics services to collect information about applications. A search path vulnerability in Telerik Analytics Monitor Library allows local attackers to exploit the vulnerability to execute in the context of an application...
SYNCK GRAPHICA Download Log CGI Directory Traversal Vulnerability
A directory traversal vulnerability in the SYNCK GRAPHICA Download Log CGI allows remote attackers to overwrite arbitrary files in an application context using a directory traversal sequence with a specially crafted request '... /' to overwrite arbitrary files in the context of an application...
Adobe Flash Player Double Release Remote Code Execution Vulnerability
Adobe Flash Player is a widely used, proprietary multimedia program player. A security vulnerability exists in Adobe Flash Player that could be exploited by remote attackers to execute arbitrary code within the context of an affected application or to launch a denial-of-service attack...
IBM Tivoli Monitoring Remote Command Execution Vulnerability
IBM Tivoli Monitoring is used to provide monitoring features of basic system resources to detect system bottlenecks and potential problems. A remote command execution vulnerability exists in IBM Tivoli Monitoring, which can be exploited by an attacker to execute arbitrary commands in the context ...
Condor Arbitrary Code Execution Vulnerability
The Condor Project is a program that develops, implements, deploys, and evaluates mechanisms and strategies to support High Throughput Computer Technology HTC. An arbitrary code execution vulnerability exists in Condor that can be exploited by an attacker to execute arbitrary code in the context ...
AdaptCMS Arbitrary File Upload Vulnerability
AdaptCMS is a content management system. An arbitrary file upload vulnerability exists in AdaptCMS that could be exploited by an attacker to upload arbitrary files to an affected computer, which could result in the execution of arbitrary code within the context of the application...
paul smith computer services vcap calendar server 1.9 - Directory Traversal vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19958/info vCAP Calendar Server is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the...
Firebug 1.03 Rep.JS Script Code Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23349/info Firebug is prone to a script-code-injection vulnerability because it fails to adequately escape user-supplied data. An attacker can exploit this issue to execute arbitrary script code in the context of the...
TeraCopy 2.3 (default.mo) Language File Integer Overflow Vulnerability
No description provided by source. ?!J:\Perl\bin\perl.exe TeraCopy 2.3 default.mo Language File Integer Overflow Vulnerability Vendor: Code Sector Product web page: http://www.codesector.com Affected version: 2.27 and 2.3 beta 2 Summary: TeraCopy is designed to copy and move files at the maximum...
White_Dune 0.29beta791 Multiple Local Code Execution Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27102/info WhiteDune is affected by a format-string vulnerability and a buffer-overflow vulnerability. Exploiting these issues can allow local attackers to execute arbitrary code in the context of the application. Version...
Ziggurrat Farsi CMS 'bck' Parameter Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/39534/info Ziggurat Farsi CMS is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary files within the...