DEBIAN-CVE-2018-1084

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c...

Integer overflow

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c...

CVE-2018-1084

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c...

CVE-2018-1084

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c...

CVE-2018-1084

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c...

CVE-2018-9862

util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a "docker exec" command with that value in the -u argument, a similar issue to CVE-2016-3697...

CVE-2018-9862

util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a "docker exec" command with that value in the -u argument, a similar issue to CVE-2016-3697...

Code injection

util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a "docker exec" command with that value in the -u argument, a similar issue to CVE-2016-3697...

CVE-2018-4088

The CVE-2018-4088 entry maps to memory-corruption flaws in WebKit that could allow remote code execution via crafted web content in Apple platforms. Affected products include iOS before 11.2.5, macOS before 10.13.3, Safari before 11.0.3, iCloud/iTunes on Windows, tvOS before 11.2.5, and watchOS b...

Allok AVI DivX MPEG to DVD Converter 2.6.1217 - Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits !/usr/bin/env python Exploit Title : Allok AVI DivX MPEG to DVD Converter - Buffer Overflow SEH Date : 3/27/18 Exploit Author : wetw0rk Vulnerable Software : Allok AVI DivX MPEG to DVD Converter Vendor Homepage : http://alloksoft.com/ Versio...

Cisco IOS XE Software for Cisco 4000 Series Integrated Services Routers Privileged EXEC Mode Root Shell Access Vulnerability

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...

Node.js third-party modules: `fs-path` concatenates unsanitized input into exec()/execSync() commands

I would like to report command injection in fs-path. It allows to inject and execute arbitrary shell commands while performing various operations from fs-path API like copying files. Module module name: fs-path version: 0.0.24 npm page: https://www.npmjs.com/package/fs-path Module Description...

zsh buffer overflow vulnerability

zsh is an interactive command interpreter and command programming language used on Linux systems. A buffer overflow vulnerability exists in the exec.c file in versions of zsh prior to 5.0.7. An attacker could exploit this vulnerability to execute code or cause a denial of service...

MS14-066: Vulnerability in SChannel could allow remote code execution: November 11, 2014

MS14-066: Vulnerability in SChannel could allow remote code execution: November 11, 2014 INTRODUCTION The update that this article describes has been replaced by a newer update on December 9, 2014. We recommend that you install the most current security update for Windows. To install the most...

Node.js third-party modules: `whereis` concatenates unsanitized input into exec() command

I would like to report command injection in whereis It allows to inject arbitrary shell commands by trying to locate crafted filenames. Module module name: whereis version: 0.4.0 npm page: https://www.npmjs.com/package/whereis Module Description Simply get the first path to a bin on any system...

Node.js third-party modules: `macaddress` concatenates unsanitized input into exec() command

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to triage and respond quickly, so be sure to take your time filling out the report! I would like to report code injection i...

CVE-2011-3477

GEAR Software CD DVD Filter driver aka GEARAspiWDM.sys, as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service system crash via unspecified vectors...

Code injection

GEAR Software CD DVD Filter driver aka GEARAspiWDM.sys, as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service system crash via unspecified vectors...

CVE-2011-3477

GEAR Software CD DVD Filter driver aka GEARAspiWDM.sys, as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service system crash via unspecified vectors...

CVE-2011-3477

CVE-2011-3477 concerns the GEAR Software CD/DVD Filter driver (GEARAspiWDM.sys) as used in several Symantec products (Backup Exec System Recovery 8.5 and BESR 2010, System Recovery 2011, Norton 360, Norton Ghost). According to the linked records, the vulnerability enables a local attacker to caus...