Atomic Alarm Clock x86 6.3 - 'AtomicAlarmClock' Unquoted Service Path

Exploit Title: Atomic Alarm Clock x86 6.3 - 'AtomicAlarmClock' Unquoted Service Path Exploit Author: boku Date: 2020-04-17 Vendor Homepage: http://www.drive-software.com Software Link: http://www.drive-software.com/download/ataclock.exe Version: 6.3 Tested On: Windows 10 Pro 1909 32-bit...

CVE-2019-9139

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution...

CVE-2019-9139

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution...

CVE-2019-9137

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed Image file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution...

CVE-2018-15990

CVE-2018-15990 affects Adobe Acrobat and Reader; use-after-free vulnerability in various versions (2019.008.20081/20080, 2017.011.30106/30105, 2015.006.30457/30456, and earlier). Successful exploitation could lead to arbitrary code execution. The connected documents list the affected product vers...

USN-3781-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

CVE-2017-10870

CVE-2017-10870 is a memory corruption vulnerability in JustSystems products Rakuraku Hagaki (and Rakuraku Hagaki Select for Ichitaro across multiple versions) that allows arbitrary code execution when a user opens a specially crafted file. Exploitation would run with the application’s privileges....

CVE-2017-15739

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at CADIMAGE+0x00000000000042d5."...

CVE-2017-10924

IrfanView 4.44 32bit with FPX Plugin 4.47 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!FPXGetScanDevicePropertyGroup+0x000000000000a529."...

OpenText Documentum Content Server - dm_bp_transition.ebs docbase Method Arbitrary Code Execution

''' CVE Identifier: CVE-2017-7221 Vendor: OpenText Affected products: OpenText Documentum Content Server all versions Researcher: Andrey B. Panfilov Severity Rating: CVSS v3 Base Score: 8.8 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Fix: not available PoC:...

DSA-3724-1 gst-plugins-good0.10 - security update

Bulletin has no description...

Junkware Removal Tool DLL Hijacking

Hi @ll, JRT.exe see 1. is vulnerable to DLL hijacking: see and for these WELL-KNOWN and WELL-DOCUMENTED beginner's errors; 2. creates an unsafe directory "%TEMP%\jrt": see and for these WELL-KNOWN and WELL-DOCUMENTED beginner's errors! An attacker can exploit these vulnerabilities to gain arbitra...

Amazon Linux: Security Advisory (ALAS-2013-168)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Bash-CMD-Injection

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment. Modified by JSacco - [email protected] Exploit Pack 2014 How to run: checkCVE20146271.py...

dbPowerAmp < 2.0/10.0 - Local Buffer Overflow

dbPowerAmp Buffer Overflow Vendor: Illustrate Product: dbPowerAmp Version: = 2.0/10.0 Website: http://www.dbpoweramp.com BID: 11266 CVE: CVE-2004-1569 OSVDB: 10380 11126 11127 SECUNIA: 12684 PACKETSTORM: 34531 Description: Often called the Swiss Army knife of audio, dMC can digitally rip sound fr...

Multiple ManageEngine Products 7.0 - 9.0.054 Arbitrary File Upload Vulnerability

Multiple ManageEngine Products are prone to an arbitrary-file-upload vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

RedHat Update for java-1.6.0-openjdk RHSA-2013:1014-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ThinPrint - tpfc.dll Insecure Library Loading Arbitrary Code Execution

ThinPrint - tpfc.dll Insecure Library Loading Arbitrary Code Execution // source: https://www.securityfocus.com/bid/55421/info ThinPrint is prone to a vulnerability that lets attackers execute arbitrary code. Exploiting this issue allows local attackers to execute arbitrary code with the privileg...

globalSCAPE CuteZIP Stack Buffer Overflow

Exploit for windows platform in category local exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...

CentOS Update for libvorbis CESA-2012:0136 centos5

Check for the Version of libvorbis OpenVAS Vulnerability Test CentOS Update for libvorbis CESA-2012:0136 centos5 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...