CVE-2014-8789

GleamTech FileVista before 6.1 allows remote authenticated users to create arbitrary files and possibly execute arbitrary code via a crafted path in a zip archive, which is not properly handled during extraction...

CVE-2014-3065

Unspecified vulnerability in IBM Java Runtime Environment JRE 7 R1 before SR2 7.1.2.0, 7 before SR8 7.0.8.0, 6 R1 before SR8 FP2 6.1.8.2, 6 before SR16 FP2 6.0.16.2, and before SR16 FP8 5.0.16.8 allows local users to execute arbitrary code via vectors related to the shared classes cache...

CVE-2014-8001

Buffer overflow in decode.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file...

CVE-2014-8001

Buffer overflow in decode.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file...

CVE-2014-8388

Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ipaddress parameter in an HTML document...

Memory corruption

The DfDiskLo.sys driver in Faronics Deep Freeze Standard and Enterprise 8.10 and earlier allows local administrators to cause a denial of service crash and execute arbitrary code via a crafted IOCTL request that writes to arbitrary memory locations, related to the IofCallDriver function...

USN-2410-1: Oxide vulnerabilities

A buffer overflow was discovered in Skia. If a user were tricked in to opening a specially crafted website, an attacked could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. CVE-2014-7904...

CVE-2014-4462

WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than CVE-2014-4452...

CVE-2014-4452

WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than CVE-2014-4462...

CVE-2014-0586

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code by leveraging an...

CVE-2014-8438

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute...

CVE-2014-6341

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4143...

[SECURITY] [DSA 3071-1] nss security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3071-1 [email protected] http://www.debian.org/security/ Sebastien Delafond November 11, 2014 http://www.debian.org/security/faq -...

Joomla Component JE Media Player Arbitrary File Upload

An Arbitrary File Upload vulnerability has been reported in Joomla JE Media PlayerLFI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Design/Logic Flaw

Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted request to TCP port 1599...

CVE-2014-8669

The SAP Promotion Guidelines CRM-MKT-MPL-TPM-PPG module for SAP CRM allows remote attackers to execute arbitrary code via unspecified vectors...

CVE-2014-0223

Integer overflow in the qcowopen function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service crash and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read...

CVE-2013-4542

The virtioscsiloadrequest function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access...

CVE-2014-0182

Heap-based buffer overflow in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image...

CVE-2013-4533

Buffer overflow in the pxa2xxsspload function in hw/arm/pxa2xx.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s-rxlevel value in a savevm image...