CVE-2013-0277

ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML...

CVE-2013-0277

ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML...

CVE-2013-0649

Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 o...

CVE-2013-0170

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by...

CVE-2013-0170

CVE-2013-0170 is a use-after-free in virNetMessageFree (rpc/virnetserverclient.c) affecting libvirt 1.0.x prior to 1.0.2, 0.10.2 prior to 0.10.2.3, 0.9.11 prior to 0.9.11.9, and 0.9.6 prior to 0.9.6.4. By triggering certain errors during an RPC connection, a freed message may remain in the queue,...

CVE-2013-0170

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by...

Directory traversal

Directory traversal vulnerability in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allows remote authenticated users to upload files, and consequently execute arbitrary code, via a relative path...

CVE-2012-2293

Directory traversal vulnerability in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allows remote authenticated users to upload files, and consequently execute arbitrary code, via a relative path...

CVE-2012-1541

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs...

Design/Logic Flaw

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU. NOTE: the previous informatio...

Buffer Overflow vulnerability in VLC media player

VideoLAN recently published a security advisory warning of a buffer overflow vulnerability in versions 2.0.5 and earlier of VLC Media Player, which might be exploited to execute arbitrary code. This vulnerability was reported by Debasish Mandal. The vulnerability is caused due to an error in the...

Stack overflow

Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN aka uuid field within a...

Ubuntu 12.04 LTS / 12.10 : libvirt vulnerabilities (USN-1708-1)

Wenlong Huang discovered that libvirt incorrectly handled certain RPC calls. A remote attacker could exploit this and cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. CVE-2012-4423 Tingting Zheng discovered that libvirt incorrectly handled clean...

AIX 5.3 TL 9 : libc (IZ50445)

There is a race condition in the MALLOCDEBUG debugging component of the malloc subsystem in the library libc.a. A local user can exploit this race condition when executing setuid root programs and thereby overwrite any file in the system. The successful exploitation of this vulnerability allows a...

CVE-2013-0951

WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1...

Stack overflow

Stack-based buffer overflow in the reader in CoolPDF 3.0.2.256 allows remote attackers to execute arbitrary code via a PDF document with a crafted stream...

CVE-2012-2137

Buffer overflow in virt/kvm/irqcomm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service crash and possibly execute arbitrary code via vectors related to Message Signaled Interrupts MSI, irq routing entries, and an incorrect check by the...

CVE-2013-0929

Format string vulnerability in the vsnsprintf function in rrobotd.exe in the Device Manager in EMC AlphaStor 4.0 before build 800 allows remote attackers to execute arbitrary code via format string specifiers in a command...

Buffer overflow

Buffer overflow in the "create torrent dialog" functionality in uTorrent 1.8.3 build 15772, and possibly other versions before 1.8.3 Build 16010, allows user-assisted remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a text file containing a...

Mozilla Products Multiple Vulnerabilities-02 January13 (Windows)

This host is installed with Mozilla Firefox/Thunderbird/Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmultvuln02jan13win.nasl 6469 2017-06-28 14:24:07Z cfischer $ Mozilla Products Multiple Vulnerabilities-02 January13 Windows Authors: Rachana...