CVE-2019-4728

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.52, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By sending specially crafted request, an attacker could exploit this...

CVE-2020-36158

mwifiexcmd80211adhocstart in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332...

CVE-2020-4928

IBM Cloud Pak System 2.3 could allow a local privileged attacker to upload arbitrary files. By intercepting the request and modifying the file extention, the attacker could execute arbitrary code on the server. IBM X-Force ID: 191705...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : libproxy vulnerability (USN-4673-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4673-1 advisory. Li Fei discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a crash or execu...

CVE-2020-25066

A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service crash/reset or to possibly execute arbitrary code...

Mozilla Firefox ESR Security Advisories (MFSA2020-54, MFSA2020-56) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

KLA12024 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerabili...

CVE-2020-4701

IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges...

KLA12101 Use after free vulnerability in VMware Workstation and Player

A use after free vulnerability was found in VMware Workstation and Player. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories VMSA-2020-0026 Related products VMware-Workstation VMware-Player CVE list CVE-2020-4004 critical Solution Update to the latest...

KLA12011 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to gain privileges, perform cross-site scripting attack, obtain sensitive information, cause denial of service, spoof user interface, execute arbitrary code, bypass security restrictions...

TP-Link Archer A7 AC1750 Command Injection Vulnerability

TP-Link Archer A7 AC1750 is a wireless router from TP-Link. tdpServer security vulnerability exists in TP-Link Archer A7 AC1750 devices before version 201029, which can be exploited by attackers to execute arbitrary code from mac parameters...

CVE-2020-3603

Cisco WebEx Network Recording Player for Windows and Cisco WebEx Player for Windows contain ARF/WRF parsing vulnerabilities that allow remote code execution. The issue stems from insufficient validation of elements within Webex recordings, enabling a malicious ARF/WRF file delivered via link or e...

CVE-2020-24433

Adobe Acrobat Reader DC versions 2020.012.20048 and earlier, 2020.001.30005 and earlier and 2017.011.30175 and earlier are affected by a local privilege escalation vulnerability that could enable a user without administrator privileges to delete arbitrary files and potentially execute arbitrary...

EulerOS 2.0 SP2 : perl-XML-LibXML (EulerOS-SA-2020-2383)

According to the version of the perl-XML-LibXML package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the...

Memory corruption

IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force I...

USN-4593-2: FreeType vulnerability

USN-4593-1 fixed a vulnerability in FreeType. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font...

Ubuntu: Security Advisory (USN-4595-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4593-1: FreeType vulnerability

Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges...

Google Chrome Use After Free (CVE-2015-1209)

A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to cause a denial of service or execute arbitrary code on the affected system...

CVE-2020-11800

Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code...