CVE-2021-30837

A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8, tvOS 15. An application may be able to execute arbitrary code with kernel privileges...

CVE-2021-29364

A buffer overflow vulnerability in Formats!ReadRASW+0x1001 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file...

Input validation

Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements of a Webex recording that is stored i...

Memory corruption

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges...

Memory corruption

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. An application may be able to execute arbitrary code with kernel privileges...

Privilege escalation

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

CVE-2020-15673

Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 81, Thunderbi...

CVE-2019-8798

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges...

CVE-2019-3726

An Uncontrolled Search Path Vulnerability is applicable to the following: Dell Update Package DUP Framework file versions prior to 19.1.0.413, and Framework file versions prior to 103.4.6.69 used in Dell EMC Servers. Dell Update Package DUP Framework file versions prior to 3.8.3.67 used in Dell...

[SECURITY] [DLA 1886-1] openjdk-7 security update

Package : openjdk-7 Version : 7u231-2.6.19-1deb8u1 CVE ID : CVE-2019-2745 CVE-2019-2762 CVE-2019-2769 CVE-2019-2816 Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, information disclosure or the...

CVE-2018-20879

cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API SEC-444...

Ubuntu: Security Advisory (USN-4065-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Update for Microsoft Office 2013 (KB4464543) 32-Bit Edition

A security vulnerability exists in Microsoft Office 2013 32-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

Arbitrary Code Execution

java is vulnerable to arbitrary code execution. The vulnerability exists through RMI...

[ASA-201902-7] libu2f-host: arbitrary code execution

Arch Linux Security Advisory ASA-201902-7 ========================================= Severity: High Date : 2019-02-11 CVE-ID : CVE-2018-20340 Package : libu2f-host Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-884 Summary ======= The package libu2f-host befo...

Asustor ADM Command Injection (CVE-2018-11510)

A remote command injection vulnerability exists in Asustor ADM. Successful exploitation would allow an attacker to execute arbitrary code on the target machine...

Memory corruption

Memory safety bugs were reported in Firefox 57. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 58...

CVE-2018-7497

In Advantech WebAccess versions V8.220170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several untrusted pointer dereference vulnerabilities have been identified...

Design/Logic Flaw

Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the configuration block, which allows attackers to set up communication with a web site other than the intended search.namequery.com site by modifying data within a disk's inter-partition space. This allows a...

CVE-2018-1295

In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one...