21 matches found
BIT-GOLANG-2020-28367 Arbitrary code execution via the go command with cgo in cmd/go
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via malicious gcc flags specified via a cgo directive...
GTKWave FST fstReaderIterBlocks2 chain_table allocation integer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1798 GTKWave FST fstReaderIterBlocks2 chaintable allocation integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-36915,CVE-2023-36916 SUMMARY Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chaintable allocation...
CVE-2023-36109
Removed by vendor...
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271...
CVE-2020-7777 Arbitrary Code Execution
This affects all versions of package jsen. If an attacker can control the schema file, it could run arbitrary JavaScript code on the victim machine. In the module description and README file there is no mention about the risks of untrusted schema files, so I assume that this is applicable. In...
CVE-2020-9656
CVE-2020-9656 affects Adobe Premiere Rush
Adobe Reader DC 2015 Security Updates (APSB18-30) - Mac OS X
Adobe Reader DC 2015 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Out-of-bounds
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service out-of-bounds read via a crafted app...
openSUSE: Security Advisory for mercurial (openSUSE-SU-2017:1572-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2017-0415
CVE-2017-0415 is an elevation of privilege in Android’s Mediaserver. A local attacker could exploit this to run arbitrary code with privileged process rights. Affected versions: Android 6.0, 6.0.1, 7.0, 7.1.1 (Mediaserver). The provided connected documents identify the issue but do not specify a ...
IBM i Access For Windows 7.1 Buffer Overflow
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/IBMI-CLIENT-ACCESS-BUFFER-OVERFLOW.txt Vendor: ============== www.ibm.com Product: ==================================================== IBM i Access for Windows Release 7.1 of...
IBM i Access 7.1 - Local Buffer Overflow / Code Execution
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/IBMI-CLIENT-ACCESS-BUFFER-OVERFLOW.txt Vendor: ============== www.ibm.com Product: ==================================================== IBM i Access for Windows Release 7.1 of...
IBM i Access 7.1 - Buffer Overflow Code Execution Vulnerability
IBM i Access for Windows is vulnerable to a buffer overflow. A local attacker could overflow a buffer and execute arbitrary code on the Windows PC. IBM i Access 7.1 - Buffer Overflow Code Execution Vulnerability Vendor: ============== www.ibm.com Product:...
IBM i Access 7.1 - Local Buffer Overflow Code Execution
IBM i Access 7.1 - Local Buffer Overflow Code Execution + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/IBMI-CLIENT-ACCESS-BUFFER-OVERFLOW.txt Vendor: ============== www.ibm.com Product:...
CVE-2014-0524
Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2014-0522, CVE-2014-0523, and CVE-2014-0526...
RHEL 5 : flash-plugin (RHSA-2012:1203)
The remote Redhat Enterprise Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2012:1203 advisory. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes several...
Microsoft Office Excel Remote Code Execution Vulnerability (2640241)
This host is missing an important security update according to Microsoft Bulletin MS11-096. OpenVAS Vulnerability Test $Id: secpodms11-096.nasl 6538 2017-07-05 11:38:27Z cfischer $ Microsoft Office Excel Remote Code Execution Vulnerability 2640241 Authors: Antu Sanadi Copyright: Copyright c 2011...
EMC Autostart ftAgent Opcode 0x11 Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Agent Service ftAgent.exe. The Agent Service listens on TCP port 8045 for communications...
CVE-2006-3461
CVE-2006-3461 is a heap-based buffer overflow in the PixarLog decoder of libtiff, tracked in CVE-2006-3461. Affected component: libtiff prior to 3.8.2. Impact described: context-dependent attackers could potentially execute arbitrary code. Public references in connected sources corroborate that t...
Remote file inclusion
PHP remote file inclusion vulnerability in includes/config.php in Jetbox CMS 2.1 allows remote attackers to execute arbitrary code via a URL in the relativescriptpath parameter...