Adobe Flash Player <= 25.0.0.171 Multiple Vulnerabilities (APSB17-17)

The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 25.0.0.171. It is, therefore, affected by multiple vulnerabilities : - Multiple use-after-free errors exist that allow an unauthenticated, remote attacker to execute arbitrary code. CVE-2017-3075,...

CVE-2016-7820

Buffer overflow in I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to cause a denial-of-service DoS or execute arbitrary code via unspecified vectors...

CVE-2016-7820

Buffer overflow in I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to cause a denial-of-service DoS or execute arbitrary code via unspecified vectors...

Ubuntu: Security Advisory (USN-3306-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Directory traversal

Multiple directory traversal vulnerabilities in Samsung SyncThru 6 before 1.0 allow remote attackers to delete arbitrary files via unspecified parameters to 1 upload/updateDriver or 2 upload/addDriver or to execute arbitrary code with SYSTEM privileges via unspecified parameters to 3...

CVE-2017-9111

In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary code...

Ubuntu 14.04 LTS / 16.04 LTS : jbig2dec vulnerabilities (USN-3297-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3297-1 advisory. Bingchang Liu discovered that jbig2dec incorrectly handled memory when decoding malformed image files. If a user or automated system were...

SUSE-SU-2017:1393-1 Security update for samba

This update for samba fixes the following issue: - An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as 'root'. CVE-2017-7494, bso12780, bsc1038231...

Design/Logic Flaw

Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice...

CVE-2016-7978

Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice...

CVE-2017-9113

In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp could cause the application to crash or execute arbitrary code...

CVE-2017-9115

In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code...

F5 Networks BIG-IP : LibTIFF vulnerability (K24923910)

The TIFFVGetField function in tifdirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service out-of-bounds write or execute arbitrary code via a crafted TIFF image. CVE-2016-3632 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...

CVE-2017-0607

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

CVE-2017-8455

Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document...

Ubuntu: Security Advisory (USN-3271-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-2347

Integer underflow in the decodelevel3header function in lib/lhafileheader.c in Lhasa before 0.3.1 allows remote attackers to execute arbitrary code via a crafted archive...

VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy Exploit

Exploit for windows platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1086 There is a vulnerability in VirtualBox that permits an attacker with root privileges in a virtual machine with a NAT network interface to corrupt the memory of the...

CVE-2017-6554

pmmasterd in Quest Privilege Manager before 6.0.0.061, when configured as a policy server, allows remote attackers to write to arbitrary files and consequently execute arbitrary code with root privileges via an ACTNEWFILESENT action...

Format string

Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code...