Format string

Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code...

CVE-2017-0106

Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."...

KLA11058 Multiple vulnerabilities in Microsoft Edge and Internet Explorer

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Microsoft Edge. Malicious users can exploit these vulnerabilities to to gain privileges, execute arbitrary code, bypass security restrictions and obtain sensitive information. Below is a complete list of...

CVE-2017-0575

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

CVE-2017-0563

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing...

CVE-2017-7565

Splunk Hadoop Connect App has a path traversal vulnerability that allows remote authenticated users to execute arbitrary code, aka ERP-2041...

Path traversal

Splunk Hadoop Connect App has a path traversal vulnerability that allows remote authenticated users to execute arbitrary code, aka ERP-2041...

CVE-2017-2449

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service use-after-free via a crafted app...

Ubuntu: Security Advisory (USN-3249-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VLC Media Player 'audio.c' Heap-Based Buffer Overflow Vulnerability - Windows

VLC media player is prone to a heap overflow vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2014-6440

VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service...

CVE-2015-8026

Heap-based buffer overflow in the verifyvbrchecksum function in exfatfsck in exfat-utils before 1.2.1 allows remote attackers to cause a denial of service infinite loop or possibly execute arbitrary code via a crafted filesystem...

CVE-2015-8026

Heap-based buffer overflow in the verifyvbrchecksum function in exfatfsck in exfat-utils before 1.2.1 allows remote attackers to cause a denial of service infinite loop or possibly execute arbitrary code via a crafted filesystem...

CVE-2015-8026

Heap-based buffer overflow in the verifyvbrchecksum function in exfatfsck in exfat-utils before 1.2.1 allows remote attackers to cause a denial of service infinite loop or possibly execute arbitrary code via a crafted filesystem...

Stack overflow

Multiple stack buffer overflow vulnerabilities in Jensen of Scandinavia AS Air:Link 3G AL3G version 2.23m Rev. 3, Air:Link 5000AC AL5000AC version 1.13, and Air:Link 59300 AL59300 version 1.04 Rev. 4 devices allow remote attackers to execute arbitrary code or crash the web service via the 1...

CVE-2016-6206

Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet...

CVE-2016-6206

Huawei AR3200 routers running software before V200R007C00SPC600 are affected by an input‑validation vulnerability that allows remote attackers to cause a denial of service or execute arbitrary code via a crafted packet. Root cause is a validation flaw in the device’s handling of malformed packets...

Integer overflow

Integer overflow in the IOwstroverflow function in libio/wstrops.c in the GNU C Library aka glibc or libc6 before 2.22 allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via vectors related to computing a size in bytes, which...

Adobe Flash Player Within Google Chrome Security Update (APSB17-07) - Mac OS X

Adobe Flash Player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:flashplayerchrome"...

CVE-2015-3884

Unrestricted file upload vulnerability in the 1 myAccount, 2 projects, 3 tasks, 4 tickets, 5 discussions, 6 reports, and 7 scheduler pages in qdPM 8.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the...