SUSE CVE-2015-1248

The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL...

SUSE CVE-2016-2091

The dwarfreadciefdeprefix function in dwarfframe2.c in libdwarf 20151114 allows attackers to cause a denial of service out-of-bounds read via a crafted ELF object file...

SUSE CVE-2017-7610

The checkgroup function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file...

SUSE CVE-2017-14128

The decodelineinfo function in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service read1byte heap-based buffer over-read and application crash via a crafted ELF file...

SUSE CVE-2017-14939

decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles a length calculation, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file, related to...

SUSE CVE-2017-15225

bfddwarf2cleanupdebuginfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service memory leak via a crafted ELF file...

SUSE CVE-2017-17125

nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service bfdelfgetsymbolversionstring buffer over-read and application crash or possibly have unspecified other impact via a crafted ELF file...

SUSE CVE-2018-7643

The displaydebugranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service integer overflow and application crash or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump...

SUSE CVE-2018-15378

A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service DoS condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11" function libclamav/mew.c, which can be exploited to trigger an invalid read memory access v...

SUSE CVE-2018-17360

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfdgetl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executabl...

SUSE CVE-2018-18310

An invalid memory address dereference was discovered in dwflsegmentreportmodule.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by considernotes...

SUSE CVE-2020-15801

In Python 3.8.4, sys.path restrictions specified in a python38.pth file are ignored, allowing code to be loaded from arbitrary locations. The .pth file e.g., the python.pth file is not affected...

CVE-2023-25718

ConnectWise Control (through 22.9.10032) has a vulnerability where, after an executable is signed, additional instructions can be appended without invalidating the signature, potentially leading to an attacker-controlled executable being offered to the end user for download and execution. Connect...

CVE-2020-24307

An issue in mRemoteNG v1.76.20 allows attackers to escalate privileges via a crafted executable file. NOTE: third parties were unable to reproduce any scenario in which the claimed access of BUILTIN\Users:M is present...

Design/Logic Flaw

An issue in mRemoteNG v1.76.20 allows attackers to escalate privileges via a crafted executable file. NOTE: third parties were unable to reproduce any scenario in which the claimed access of BUILTIN\Users:M is present...

ESTsoft Alyac 安全漏洞

ESTsoft Alyac is a low-priced comprehensive security software from the Korean company ESTsoft. A security vulnerability exists in ESTsoft Alyac version 2.5.8.645, which originates from a denial-of-service vulnerability in the malware scanning function, which can be exploited by an attacker to sen...

CVE-2020-24307

CVE-2020-24307 affects mRemoteNG v1.76.20. The issue is an improper access control vulnerability that allows privilege escalation through a crafted executable file. The Packet Storm advisory confirms vulnerable version 1.76.20 and lists a fixed version: 1.76.20.24615. Exploitation notes in the pu...

CVE-2022-4258 Hima: Unquoted path vulnerabilities in HIMA PC based Software

In multiple versions of HIMA PC based Software an unquoted Windows search path vulnerability might allow local users to gain privileges via a malicious .exe file and gain full access to the system...

CVE-2022-46875

The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.. This vulnerability affects Firefox 108, Firefox ESR 102.6, and...

CVE-2022-46875

The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.. This vulnerability affects Firefox 108, Firefox ESR 102.6, and...