Ubuntu: Security Advisory (USN-4157-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Adobe Acrobat and Reader Use After Free (APSB19-49: CVE-2019-8177)

A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Adobe Acrobat and Reader Use After Free (APSB19-49: CVE-2019-8180)

A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Buffer overflow

Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code remote. The component is: htdocs/fileaccess.cgi. The attack vector is: A crafted HTTP request handled by fileacces.cgi could allow an attacker to...

CVE-2017-14948

Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code remote. The component is: htdocs/fileaccess.cgi. The attack vector is: A crafted HTTP request handled by fileacces.cgi could allow an attacker to...

CVE-2017-14948

The CVE-2017-14948 issue affects D-Link DIR-880L (1.08B04) and DIR-895 L/R (1.13b03) due to a buffer overflow in the htdocs/fileaccess.cgi component. A crafted HTTP request where CONTENT_TYPE begins with boundary= and exceeds 256 characters can trigger a buffer overflow, potentially enabling remo...

CVE-2018-15909

It was discovered that the ghostscript .shfill operator did not properly validate certain types. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted PostScript...

Apple macOS/tvOS/iOS Multiple Memory Corruption Vulnerabilities

Description Apple macOS, TV OS, and iOS are prone to multiple memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected Apple TV Apple iOS 10 Apple iOS 10.0.1 Apple iO...

CVE-2008-4863

Untrusted search path vulnerability in BPYinterface in Blender 2.46 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an erroneous setting of sys.path by the PySysSetArgv function...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Ubuntu: Security Advisory (USN-4144-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : php (EulerOS-SA-2019-1984)

According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The geticudispvaluesrcphp function in ext/intl/locale/localemethods.c in PHP before 5.3.29, 5.4.x before 5.4.30, and 5.5.x before 5.5.14 does not...

Buffer overflow

Integard Pro 2.2.0.9026 allows remote attackers to execute arbitrary code via a buffer overflow involving a long NoJs parameter to the /LoginAdmin URI...

Security Bulletin: Synthetic Playback Agent 8.1.4 is affected by multiple vulnerabilities

Summary Synthetic Playback Agent has addressed the following vulnerabilities: CVE-ID: CVE-2019-11710 CVE-ID: CVE-2019-11721 CVE-ID: CVE-2019-11711 CVE-ID: CVE-2019-11730 CVE-ID: CVE-2019-11720 CVE-ID: CVE-2019-11714 CVE-ID: CVE-2019-11725 CVE-ID: CVE-2019-11715 CVE-ID: CVE-2019-11712 CVE-ID:...

CVE-2019-6007

Integer overflow vulnerability in apng-drawable 1.0.0 to 1.6.0 allows an attacker to cause a denial of service DoS condition or execute arbitrary code via unspecified vectors...

Code injection

An access vulnerability in CA Common Services DIA of CA Technologies Client Automation 14 and Workload Automation AE 11.3.5, 11.3.6 allows a remote attacker to execute arbitrary code...

KLA11561 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, perform cross-site scripting attack. Below is a complete list of vulnerabilities: 1. Unspecified...

CVE-2019-15657

In eslint-utils before 1.4.1, the getStaticValue function can execute arbitrary code...

Buffer overflow

Buffer Overflow in dactetra in Delta Controls enteliBUS Manager V3.40B-571848 allows remote unauthenticated users to execute arbitrary code and possibly cause a denial of service via unspecified vectors...

CVE-2019-13221

A stack buffer overflow in the computecodewords function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file...