CVE-2017-11459

SAP TREX 7.10 allows remote attackers to 1 read arbitrary files via an fget command or 2 write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Note 2419592...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Buffer overflow

An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in radcoalesce" - this allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code...

CVE-2017-10979

An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in radcoalesce" - this allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code...

CVE-2017-10979

An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in radcoalesce" - this allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code...

CVE-2017-10979

An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in radcoalesce" - this allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code...

CVE-2017-10984

An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vpwimax" - this allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code...

CVE-2017-10984

An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vpwimax" - this allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code...

CVE-2017-10979

An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in radcoalesce" - this allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code...

CVE-2016-6793

The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x before 1.5.17 allows remote attackers to cause a denial of service infinite loop and write to, move, and delete files with the permissions of DiskFileItem, and if running on a Java VM before 1.3.1, execute arbitrary code via a...

CVE-2017-10994

Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrary Write vulnerability, which allows remote attackers to execute arbitrary code via a crafted document...

CVE-2017-9920

IrfanView version 4.44 32bit with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at ntdll77df0000!LdrpResSearchResourceInsideDirectory+0x000000000000029e."...

CVE-2017-9878

IrfanView version 4.44 32bit with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at FPX!FPXGetScanDevicePropertyGroup+0x000000000000c99a."...

CVE-2017-9530

IrfanView version 4.44 32bit might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at...

Design/Logic Flaw

IrfanView version 4.44 32bit with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at FPX!GetPlugInInfo+0x0000000000012bf2."...

Code injection

IrfanView version 4.44 32bit with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at ntdll77df0000!LdrpCompareResourceNamesU+0x0000000000000062."...

CVE-2017-9919

IrfanView version 4.44 32bit with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or execute arbitrary code via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at ntdll77df0000!LdrpResCompareResourceNames+0x0000000000000087."...

GNU C Library: Multiple vulnerabilities

Background The GNU C library is the standard C library used by Gentoo Linux systems. Description Multiple vulnerabilities have been discovered in the GNU C Library. Please review the CVE identifiers and Qualys’ security advisory referenced below for details. Impact An attacker could possibly...

Ubuntu: Security Advisory (USN-3319-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Thunderbird Security Advisories (MFSA2017-17, MFSA2017-17) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...