Zoho ManageEngine AssetExplorer Code Execution Vulnerability

Zoho ManageEngine AssetExplorer is a suite of asset management software from Zoho USA. The software provides asset tracking, scanning of IT assets and tracking of asset ownership. A code execution vulnerability exists in Zoho ManageEngine AssetExplorer, which can be exploited by an attacker with ...

The vulnerability of the libld component in the library that handles system calls and core functions, glibc, allows a perpetrator to execute arbitrary code.

The vulnerability of the libld component in the library that provides system calls and core functions in glibc is related to insufficient input data validation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted ELF file...

CVE-2019-13702

Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable...

CVE-2019-13702

Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable...

UBUNTU-CVE-2019-13702

Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable...

chromium-browser: Privilege elevation in Installer

Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable...

CVE-2017-5333

Integer overflow in the extractgroupiconcursorresource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service process crash or execute arbitrary code via a crafted executable file...

CVE-2017-5333

Integer overflow in the extractgroupiconcursorresource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service process crash or execute arbitrary code via a crafted executable file...

Integer overflow

Integer overflow in the extractgroupiconcursorresource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service process crash or execute arbitrary code via a crafted executable file...

CVE-2017-5332

The extractgroupiconcursorresource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service process crash and execute arbitrary code via a crafted executable...

CVE-2017-5332

The extractgroupiconcursorresource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service process crash and execute arbitrary code via a crafted executable...

CVE-2017-5331

Integer overflow in the checkoffset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service process crash and execute arbitrary code via a crafted executable...

CVE-2017-5331

Integer overflow in the checkoffset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service process crash and execute arbitrary code via a crafted executable...

CVE-2017-5333

Integer overflow in the extractgroupiconcursorresource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service process crash or execute arbitrary code via a crafted executable file...

GNU Binutils Denial of Service Vulnerability (CNVD-2019-34651)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in findabstractinstance in dwarf2.c in the Binary File Descriptor BFD library used in GNU Binutils 2.32. A...

Command injection

In radare2 before 3.9.0, a command injection vulnerability exists in binsymbols in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to an insufficient fix for CVE-2019-14745 and...

The vulnerability of the GDB debugger’s module allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the GDB debugger’s gdb module relates to the execution of an operation outside the buffer in memory. Exploiting this vulnerability allows a perpetrator to execute arbitrary code or trigger a service failure using a specially created ELF file...

Amazon Linux 2 : libvirt (ALAS-2019-1274) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2019-11091 Modern Intel microprocessors implement hardware-level micro-optimizations to improve the...

ALPINE-CVE-2019-10168

The virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's...

CVE-2019-10167

The virConnectGetDomainCapabilities libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients...