CVE-2019-17244

IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEGLS+0x0000000000001d8a...

CVE-2019-17243

CVE-2019-17243 affects IrfanView 4.53 with a memory-corruption vulnerability that allows data from a faulting address to influence code flow at JPEG_LS+0x3155. The NVD entry describes it as a memory corruption issue in IrfanView 4.53 leading to potential control of execution (crash or code flow a...

CVE-2019-16899

In Advantech WebAccess/HMI Designer 2.1.9.31, Data from a Faulting Address controls Code Flow starting at PMV3!CTagInfoThreadBase::GetNICInfo+0x0000000000512918...

CVE-2019-16899

In Advantech WebAccess/HMI Designer 2.1.9.31, Data from a Faulting Address controls Code Flow starting at PMV3!CTagInfoThreadBase::GetNICInfo+0x0000000000512918...

CVE-2019-16899

In Advantech WebAccess/HMI Designer 2.1.9.31, Data from a Faulting Address controls Code Flow starting at PMV3!CTagInfoThreadBase::GetNICInfo+0x0000000000512918...

CVE-2019-16899

CVE-2019-16899 affects Advantech WebAccess/HMI Designer 2.1.9.31. The vulnerability arises from data from a faulting address that controls code flow at PM_V3!CTagInfoThreadBase::GetNICInfo+0x0000000000512918, enabling potential denial of service. Multiple sources (NVD, Red Hat, CVE listings) conf...

CVE-2018-11971

Interrupt exit code flow may undermine access control policy set forth by secure world can lead to potential secure asset leakage in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, in MDM9206...

Dynamic Data Resolver (DDR) - IDA Plugin

This blog post was authored by Holger Unterbrink Executive Summary Static reverse-engineering in IDA can often be problematic. Certain values are calculated at run time, which makes it difficult to understand what a certain basic block is doing. But, if you try to perform dynamic analysis by...

Memory corruption

Memory corruption in PDMODELProvidePDModelHFT in pdmodel.dll in pdfforge PDF Architect 6 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact because of a "Data from Faulting Address controls Code Flow" issue...

CVE-2018-19150

Memory corruption in PDMODELProvidePDModelHFT in pdmodel.dll in pdfforge PDF Architect 6 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact because of a "Data from Faulting Address controls Code Flow" issue...

CVE-2018-19150

Memory corruption in PDMODELProvidePDModelHFT in pdmodel.dll in pdfforge PDF Architect 6 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact because of a "Data from Faulting Address controls Code Flow" issue...

Epee Levin Packet Deserialization Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the Levin deserialization functionality of the epee library. A specially crafted network packet can cause a logic flaw, resulting in code execution. An attacker can send a packet to trigger this vulnerability. Tested Versions Monero...

CVE-2017-15257

IrfanView version 4.44 32bit with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlParserInputRead+0x000000000009174a."...

Code injection

IrfanView version 4.44 32bit with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlParserInputRead+0x0000000000048d0c."...

Code injection

Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 and earlier, when running in single instance mode, allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at...

CVE-2017-14297

STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls Code Flow starting at STDUJBIG2File!DllGetClassObject+0x0000000000002f35."...

CVE-2017-9899

XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at Xfpx!gffGetFormatInfo+0x000000000002e388."...

Code injection

XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to "Data from Faulting Address controls Code Flow starting at Xfpx!gffGetFormatInfo+0x0000000000020e91."...

Jsprime - A JavaScript Static Security Analysis Tool

Today, more and more developers are switching to JavaScript as their first choice of language. The reason is simple JavaScript has now been started to be accepted as the mainstream programming for applications, be it on the web or on the mobile; be it on client-side, be it on the server side...

SiS Windows VGA Display Manager 6.14.10.3930 - Write-What-Where PoC

Exploit for windows platform in category dos / poc Title: SiS Windows VGA Display Manager Multiple Privilege Escalation Publication Date: 2015.09.01 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2015-003.txt 1. Vulnerability Details Affected Vendor: Silicon Integrated...