5353 matches found
CVE-2020-10611
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this...
Code injection
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted request specifying a malicious file from a remote system, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-Force ID:...
Microsoft Windows Multiple Vulnerabilities (KB4550927)
This host is missing a critical security update according to Microsoft KB4550927. SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Denial Of Service (DoS)
TeX Live is vulnerable to Denial of Service (DoS). Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics (AFM) files. If a specially-crafted font file was opened by a TeX Live utility, it could cause the utility to crash or, potentially, execute arbitrary code...
Arbitrary Code Execution
openoffice.org is vulnerable to arbitrary code execution. The vulnerability exists because a heap-based buffer overflow flaw was found in the way OpenOffice.org parsed certain Microsoft Office PowerPoint files. An attacker could use this flaw to create a specially-crafted Microsoft Office PowerPoint fi...
Denial Of Service (DoS)
WebKitGTK+ is vulnerable to denial of service (DoS). Due to use-after-free flaws caused by vectors involving selections, malicious web content can cause an application using WebKitGTK+ to crash or, potentially, execute arbitrary code with the privileges of the user running the application...
Denial Of Service (DoS)
X.Org is vulnerable to Denial of Service (DoS). Due to an incorrect calculation flaw in the X.Org Render extension, a malicious, authorized client can crash the X.Org server or, potentially, execute arbitrary code with root privileges...
Arbitrary Code Execution
firefox is vulnerable to arbitrary code execution. The vulnerability exists as a web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox...
Denial Of Service (DoS)
Mozilla Firefox is vulnerable to Denial of Service (DoS). It happens due to integer overflow flaws in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox...
Arbitrary Code Execution
samba is vulnerable to arbitrary code execution. A stack buffer overflow flaw was found in the way Samba authenticates remote users. A remote unauthenticated user could trigger this flaw to cause the Samba server to crash, or execute arbitrary code with the permissions of the Samba server...
Denial Of Service (DoS)
SeaMonkey is vulnerable to denial of service (DoS). A flaw was found in the handling of JavaScript timed events. A malicious web page could crash the browser or possibly execute arbitrary code as the user running SeaMonkey...
CVE-2016-5280
Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code via bidirectional text...
Stack overflow
Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code...
CVE-2019-14896
A heap-based buffer overflow vulnerability was found in the Linux kernel's Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or possibly execute arbitrary code when the lbs_ibss_join_existing function is called after a STA connects to an AP...
CVE-2020-5344
Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially...
Samsung Mobile Device Type Obfuscation Vulnerability (CNVD-2020-32877)
Android is a free and open source operating system from Google based on the Linux kernel without GNU components. A type confusion vulnerability exists in Samsung mobile devices, which can be exploited by attackers to execute arbitrary code...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2020-1298)
The remote host is missing an update for the Huawei EulerOS...
CVE-2019-12117
An issue was discovered in ONAP SDC through Dublin. By accessing port 4001 of demo-sdc-sdc-onboarding-be pod, an unauthenticated attacker who already has access to pod-to-pod communication may execute arbitrary code inside that pod. All ONAP Operations Manager (OOM) setups are affected...
CVE-2019-13168
Some Xerox printers such as the Phaser 3320 V53.006.16.000 were affected by a buffer overflow vulnerability in the attributes parser of the IPP service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS) and potentially execute arbitrary code on the device...
Heap overflow
Some Brother printers such as the HL-L8360CDW v1.20 were affected by a heap buffer overflow vulnerability as the IPP service did not parse attribute names properly. This would allow an attacker to execute arbitrary code on the device...