Privilege escalation

An elevation of privilege vulnerability in the MediaTek power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A...

Code injection

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code...

Design/Logic Flaw

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause...

CVE-2017-0464

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

Privilege escalation

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

CVE-2016-4390

The CVE-2016-4390 entry relates to HPE KeyView’s Filter SDK (versions 10.18–10.24). A remote code execution vulnerability exists in this component, allowing an attacker to run arbitrary code on a vulnerable system via unspecified vectors. Several connected CNVD entries corroborate the existence o...

CVE-2016-2838

CVE-2016-2838: A heap-based buffer overflow in Mozilla Firefox's nsBidi::BracketData::AddOpening function (affecting Firefox before 48.0 and Firefox ESR 45.x before 45.3) can be triggered by directional content in an SVG document, potentially allowing remote code execution. The vulnerability is c...

Memory corruption

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2016-4172,...

Memory corruption

Bluetooth in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app, a different vulnerability than CVE-2016-1735...

CVE-2016-0973

Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before...

Heap overflow

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute...

Cogent Real-Time Systems Vulnerabilities

Overview Dillon Beresford of Cimation has identified four vulnerabilities in the Cogent Real-Time Systems DataHub application. Cogent has produced an update that mitigates these vulnerabilities. These vulnerabilities could be exploited remotely. Affected Products Cogent Real-Time Systems reports...

CVE-2012-5279

Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600...

Scientific Linux Security Update : gnome-vfs2 on SL3.x, SL4.x i386/x86_64

A buffer overflow flaw was discovered in the GNOME virtual file system when handling data returned by CDDB servers. If a user connected to a malicious CDDB server, an attacker could use this flaw to execute arbitrary code on the victim's machine. CVE-2005-0706 All running GNOME sessions must be...

2 Buffer Overflows in Wireless Manager Sony VAIO

Advisory ID: HTB23063 Product: Wireless Manager Sony VAIO Vendor: Sony Computers Vulnerable Versions: 4.0.0.0 and probably prior Tested Version: 4.0.0.0 Vendor Notification: 7 December 2011 Vendor Patch: 20 January 2012 Public Disclosure: 30 May 2012 Vulnerability Type: Buffer Overflow CVE...

CVE-2011-3442

The kernel in Apple iOS before 5.0.1 does not ensure the validity of flag combinations for an mmap system call, which allows local users to execute arbitrary unsigned code via a crafted app...

CVE-2010-4307

Buffer overflow in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code via unspecified vectors...

CVE-2011-0310

Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted header field in a message...

EnjoySAP SAP GUI - ActiveX Control Buffer Overflow (Metasploit)

$Id: enjoysapguipreparetoposthtml.rb 9525 2010-06-15 07:18:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

SystemTap 1.0/1.1 - '__get_argv()' / '__get_compat_argv()' Local Memory Corruption

source: https://www.securityfocus.com/bid/38120/info SystemTap is prone to multiple local memory-corruption vulnerabilities. An attacker may exploit these issues to execute arbitrary code with SYSTEM privileges. Failed exploit attempts will result in a denial of service. SystemTap 1.1 is...