5334 matches found
KLA12377 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, and execute arbitrary code. Below is a complete list of vulnerabilities: 1. Security bypass vulnerability in ANGLE can be exploited to bypa...
Autodesk Navisworks Buffer Overflow Vulnerability (CNVD-2022-05701)
Autodesk Navisworks is a 3D model review software for architecture, engineering and construction from Autodesk, Inc. Autodesk Navisworks is vulnerable to a buffer overflow vulnerability that could be exploited by attackers to execute arbitrary code...
Google Chrome file API code execution vulnerability
Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome, which stems from a use-after-free in the File API. A remote attacker could exploit this vulnerability to cause a denial of service or execute arbitrary code on the system...
FlexiHub For Windows Integer Overflow Vulnerability
FlexiHub is a tool for sharing and accessing remote devices from the FlexiHub team. FlexiHub For Windows is vulnerable to an integer overflow vulnerability that could be exploited by an attacker to execute arbitrary code in kernel mode or cause a denial of service via a specially crafted I/O request packet...
CVE-2021-42980
NoMachine Cloud Server is affected by a buffer overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request...
Z-BlogPHP arbitrary file upload vulnerability
Z-BlogPHP is an open source PHP-based blogging system from the Z-blog community. Z-BlogPHP is vulnerable to arbitrary file uploads, which can be exploited by attackers to execute arbitrary code via carefully crafted JPG files...
D-Link DIR-809 formStaticDHCP Buffer Overflow Vulnerability
D-Link DIR-809 is a dual-band router from D-Link, China. A buffer overflow vulnerability exists in the fun80034d60 function in the D-Link DIR-809 formStaticDHCP, which can be exploited by attackers to submit special requests that can crash applications or execute arbitrary code...
Security Bulletin: A security vulnerability in Node.js vm2 module affects IBM Cloud Automation Manager
Summary: A security vulnerability in Node.js vm2 module affects IBM Cloud Automation Manager. Vulnerability Details: CVEID: CVE-2021-23449. DESCRIPTION: Node.js vm2 module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By adding or...
Ubuntu: Security Advisory (USN-5165-1)
The remote host is missing an update for the...
[SECURITY] [DLA 2824-1] firebird3.0 security update
Debian LTS Advisory DLA-2824-1, https://www.debian.org/lts/security/, Sylvain Beucler, November 20, 2021, https://wiki.debian.org/LTS ...
Debian DLA-2824-1 : firebird3.0 - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2824 advisory. - An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement. CVE-2017-11509 Note th...
KLA12351 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface, and obtain sensitive information. Below is a complete list of vulnerabilities: 1. Use aft...
CVE-2021-3918
The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code...
EulerOS Virtualization 2.9.0 : libX11 (EulerOS-SA-2021-2780)
According to the versions of the libX11 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11...
EulerOS Virtualization 2.9.1 : libX11 (EulerOS-SA-2021-2744)
According to the versions of the libX11 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11...
USN-5139-1: Linux kernel (OEM 5.10) vulnerabilities
Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2021-3655) It was discovered that the AMD...
Privilege escalation
BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /admin/upload.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file...
CVE-2020-23572
BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /admin/upload.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file...
Buffer overflow
Buffer overflow vulnerability in framework/init.php in qinggan phpok 5.1 allows attackers to execute arbitrary code...
Cross site scripting
Cross Site Scripting (XSS) vulnerability in ElkarBackup 1.3.3 allows attackers to execute arbitrary code via the name parameter to the add client feature...