6840 matches found
mystem-wrapper Remote Code Execution Vulnerability
mystem-wrapper is a package for installing the Yandex mystem application. A security vulnerability exists in mystem-wrapper that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by intercepting the...
Herbivore Remote Code Execution Vulnerability
herbivore is a set of open source packet sniffing tools. A security vulnerability exists in herbivore that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerability by intercepting the response and replacing the...
phantomjs-cheniu remote code execution vulnerability
phantomjs-cheniu is a headless Webkit script with JavaScript API. A security vulnerability exists in phantomjs-cheniu, which originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerability by intercepting the response a...
clang-extra remote code execution vulnerability
clang-extra is a tool for installing LLVM. A security vulnerability exists in clang-extra, which originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerability by intercepting the response and replacing the requested...
Co-cli-installer Remote Code Execution Vulnerability
The co-cli-installer is a package for installing the co-cli command line tool. A security vulnerability exists in co-cli-installer that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by intercepting t...
selenium-portal remote code execution vulnerability
selenium-portal is a Node.js based on the use of JavaScript to write Selenium test program tools . A security vulnerability exists in selenium-portal, which originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerabilit...
Haxe 3 Remote Code Execution Vulnerability
Haxe 3 is a toolkit for building cross-platform tools and frameworks. A security vulnerability exists in Haxe 3 that originates when a program downloads a binary file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerability by intercepting the response and replacing th...
Unspecified vulnerability in pk-app-wonderbox
pk-app-wonderbox is an app that integrates wonderbox and pillakloud. A security vulnerability exists in pk-app-wonderbox that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by intercepting the respons...
wixtoolset Remote Code Execution Vulnerability
wixtoolset is a set of tools for building installers for Windows applications. A security vulnerability exists in wixtoolset that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by intercepting the...
serc.js remote code execution vulnerability
serc.js is a Selenium RC Process Wrapper A security vulnerability exists in serc.js, which originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerability by intercepting the response and replacing the requested executabl...
windows-seleniumjar-mirror remote code execution vulnerability
windows-seleniumjar-mirror is a package for downloading selenium jar files. A security vulnerability exists in windows-seleniumjar-mirror, which originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the vulnerability by...
arcanist Remote Code Execution Vulnerability
arcanist is a package for installing arcanist in phabricator. A security vulnerability exists in arcanist that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerability by intercepting the response and replacing t...
USN-3686-1 file vulnerabilities
Alexander Cherepanov discovered that file incorrectly handled a large number of notes. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2014-9620 Alexander Cherepanov discovered that file incorrectly handled certain long strings. An...
CVE-2017-11672
The OPC Foundation Local Discovery Server LDS before 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges...
Design/Logic Flaw
The OPC Foundation Local Discovery Server LDS before 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges...
CVE-2017-11672
The OPC Foundation Local Discovery Server LDS before 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to gain privileges...
CVE-2018-5173
The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full,...
CVE-2017-7821
A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered without specific user interaction for the file download and open actions. This could be used to trigger known vulnerabilities in the programs that handle those...
CVE-2017-7821
A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered without specific user interaction for the file download and open actions. This could be used to trigger known vulnerabilities in the programs that handle those...
CVE-2017-7761
The Mozilla Maintenance Service "helper.exe" application creates a temporary directory writable by non-privileged users. When this is combined with creation of a junction a form of symbolic link, protected files in the target directory of the junction can be deleted by the Mozilla Maintenance...