EulerOS Virtualization 3.0.2.0 : libX11 (EulerOS-SA-2021-2839)

According to the versions of the libX11 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11...

The vulnerability in the command-line utility BusyBox, related to memory usage after deallocation, allows an attacker to execute arbitrary code.

The vulnerability of the BusyBox command-line utility set is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Security Bulletin: IBM Storage Support for Microsoft Volume Shadow Copy Service (VSS) and Virtual Disk Service (VDS) is affected by a vulnerability in Apache Log4j (CVE-2021-4104)

Summary A vulnerability was identified within the Apache Log4j library that is used by IBM Storage Support for Microsoft Volume Shadow Copy Service VSS and Virtual Disk Service VDS for IBM Spectrum Virtualize family and IBM DS8000 family storage systems. This vulnerability has been addressed...

Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Copy Data Management (CVE-2021-44228)

Summary A vulnerability in Apache Log4j could allow an attacker to execute arbitrary code on the system. This vulnerability may affect the Help system in IBM Spectrum Copy Data Management Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j could allow a remote attacker to execut...

Adobe Premiere Rush Code Execution Vulnerability (CNVD-2021-101116)

Adobe Premiere Rush is a cross-platform video editing software from Adobe. Adobe Premiere Rush has a security vulnerability that could be exploited by attackers to execute arbitrary code on the system...

Adobe Premiere Rush Code Execution Vulnerability (CNVD-2021-101126)

Adobe Premiere Rush is a cross-platform video editing software from Adobe. Adobe Premiere Rush has a security vulnerability that could be exploited by attackers to execute arbitrary code on the system...

KLA12382 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Security bypass vulnerability in ANGLE can be exploited to...

Microsoft Message Queuing 信息泄露漏洞

Microsoft Message Queuing technology allows applications running at different times to communicate on heterogeneous networks and systems that are temporarily offline.An information disclosure vulnerability exists in Microsoft Message Queuing. An attacker could exploit this vulnerability to execut...

KLA12377 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Security bypass vulnerability in ANGLE can be exploited to bypa...

Autodesk Navisworks Buffer Overflow Vulnerability (CNVD-2022-05701)

Autodesk Navisworks is a 3D model review software for architecture, engineering and construction from Autodesk, Inc. Autodesk Navisworks is vulnerable to a buffer overflow vulnerability that could be exploited by attackers to execute arbitrary code...

Google Chrome file API code execution vulnerability

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome, which stems from post-release usage in the File API. A remote attacker could exploit this vulnerability to cause a denial of service or execute arbitrary code on the system...

FlexiHub For Windows Integer Overflow Vulnerability

FlexiHub is a shared and accessible remote device from the FlexiHub team. FlexiHub For Windows is vulnerable to an integer overflow vulnerability that could be exploited by an attacker to execute arbitrary code in kernel mode or cause a denial of service via a specially crafted I/O request packet...

CVE-2021-42980

NoMachine Cloud Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via specially crafted I/O Request...

Z-BlogPHP arbitrary file upload vulnerability

Z-BlogPHP is an open source PHP-based blogging system from the Z-blog community.Z-BlogPHP is vulnerable to arbitrary file uploads, which can be exploited by attackers to execute arbitrary code via carefully crafted JPG files...

D-Link DIR-809 formStaticDHCP Buffer Overflow Vulnerability

D-Link DIR-809 is a dual-band router from D-Link, China. buffer overflow vulnerability exists in the fun80034d60 function in the D-Link DIR-809 formStaticDHCP, which can be exploited by attackers to submit special requests that can crash applications or execute arbitrary code...

Security Bulletin: A security vulnerability in Node.js vm2 module affects IBM Cloud Automation Manager

Summary A security vulnerability in Node.js vm2 module affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2021-23449 DESCRIPTION: Node.js vm2 module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By adding or...

Ubuntu: Security Advisory (USN-5165-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2824-1] firebird3.0 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2824-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler November 20, 2021 https://wiki.debian.org/LTS -...

Debian DLA-2824-1 : firebird3.0 - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2824 advisory. - An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement. CVE-2017-11509 Note th...

KLA12351 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Use aft...