SUSE CVE-2006-2898

The IAX2 channel driver chaniax2 for Asterisk 1.2.x before 1.2.9 and 1.0.x before 1.0.11 allows remote attackers to cause a denial of service crash and execute arbitrary code via truncated IAX 2 IAX2 video frames, which bypasses a length check and leads to a buffer overflow involving negative...

SUSE CVE-2007-0454

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping...

SUSE CVE-2017-12100

An exploitable integer overflow exists in the 'multiresloadolddm' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application...

SUSE CVE-2019-6201

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution...

CVE-2022-44939

Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL...

CVE-2022-32948

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges...

Democritus Project d8s-html Code Execution Vulnerability

Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A backdoor vulnerability exists in Democritus Project d8s-html version 0.1.0, which stems from the presence of a potential code execution package, democritus-urls, inserted ...

CVE-2021-40165

A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code...

Memory corruption

A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations...

CVE-2022-26776

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An attacker may be able to cause unexpected application termination or arbitrary code execution...

Denial Of Service (DoS)

firefox is vulnerable to denial of service. The vulnerability exists due to lack of restrictions which allows an attacker to bypass permission prompts, obtain sensitive information, bypass security restrictions, or execute arbitrary code...

Slackware: Security Advisory (SSA:2016-203-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2020-28607

Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any o...

CVE-2021-44630

A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloudconfig/routerpost/modifyaccountpwd feature, which allows malicious users to execute arbitrary code on the system via a crafted post request...

CVE-2021-44142

An out-of-bounds heap read write vulnerability was found in Samba. Due to a boundary error when processing EA metadata while opening files in smbd within the VFS Samba module vfsfruit, a remote attacker with ability to write to file's extended attributes can trigger an out-of-bounds write and...

Adobe Acrobat and Reader Use After Free (APSB22-01: CVE-2021-44706)

A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

USN-5208-1: Linux kernel vulnerabilities

Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. CVE-2021-4002 It was discovered that a race condition existed in the...

Apache Log4j Message Lookup Substitution RCE (Log4Shell) (Direct Check)

Binary data apachelog4jjdnildapgeneric.nbin...

Integer overflow

An Integer Overflow exists in Accops HyWorks Windows Client prior to v 3.2.8.200. The IOCTL Handler 0x22001B in the Accops HyWorks Windows Client prior to v 3.2.8.200 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via...

CVE-2021-34864

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...