EUVD-2016-7864

Malware in sbrugna...

Microsoft Office Code Execution Vulnerability (CNVD-2025-13271)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office due to the use of incompatible types of access to...

Microsoft Excel Code Execution Vulnerability (CNVD-2025-13266)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code...

CVE-2024-20485

A vulnerability in the VPN web server of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this...

CVE-2022-28630

A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality and integrity, and a partial...

Microsoft Excel Code Execution Vulnerability (CNVD-2025-10454)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on the system...

Microsoft Word Code Execution Vulnerability (CNVD-2025-09957)

Microsoft Word is a word processing software in the Office suite of the American Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...

Mozilla -- Memory safety bugs

[email protected] reports: Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

GTKWave code execution vulnerability (CNVD-2024-36927)

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. A code execution vulnerability exists in GTKWave version 3.3.115, which can be exploited by an attacker to potentially cause arbitrary code execution via a specially crafted fst file...

NETGEAR R6400v2 Code Execution Vulnerability

The NETGEAR R6400v2 is a router from NETGEAR. A hardware device that connects two or more networks and acts as a gateway between networks. The NETGEAR R6400v2 suffers from a code execution vulnerability that stems from the program's failure to properly filter special elements that construct code...

CVE-2022-45315

Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows attackers to execute arbitrary code via a crafted packet...

Trend Micro HouseCall for Home Networks elevation of privilege vulnerability (CNVD-2021-37058)

Trend Micro HouseCall for Home Networks is a suite of home network security scanning software from Trend Micro. The software supports scanning a wide range of home network devices and identifying network risks. An elevation of privilege vulnerability exists in Trend Micro HouseCall for Home...

CVE-2017-10940

CVE-2017-10940 affects Joyent Smart Data Center before [email protected]. The Docker API flaw does not properly validate user-supplied data, enabling an attacker who can run low-privileged code to upload arbitrary files and escalate to root execution. Exp...

libwmf -- embedded GD library Use-After-Free vulnerability

Secunia reports: A vulnerability has been reported in libwmf, which can be exploited by malicious people to cause a DoS Denial of Service or compromise an application using the library. The vulnerability is caused due to a use-after-free error within the embedded GD library, which can be exploite...

ImageMagick: Filename handling vulnerability

Background ImageMagick is a collection of tools and libraries for manipulating a wide variety of image formats. Description Tavis Ormandy of the Gentoo Linux Security Audit Team has identified a flaw in the handling of filenames by the ImageMagick utilities. Impact Successful exploitation may...

MS04-009: Vulnerability in Outlook could allow code execution (828040)

The remote host is running a version of outlook that could allow Internet Explorer to execute script code in the Local Machine zone and therefore let an attacker execute arbitrary programs on this host. To exploit this bug, an attacker would need to send an special HTML message to a user of this...