Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2020-1301)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-202003-42 : libgit2: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202003-42 libgit2: Multiple vulnerabilities Multiple vulnerabilities have been discovered in libgit2. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly overwrite arbitrary paths,...

libgit2: Multiple vulnerabilities

Background libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API. Description Multiple vulnerabilities have been discovered in libgit2. Please review the CVE identifiers referenced below for details. Impact An attacker coul...

Microsoft Windows AppX Deployment Service Hard Link Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppX Deploymen...

GLSA-202003-30 : Git: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202003-30 Git: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Git. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly overwrite arbitrary paths, execute...

CVE-2019-13169

CVE-2019-13169 affects some Xerox printers (e.g., Phaser 3320) due to a buffer overflow in the Content-Type HTTP Header of the device’s web application. The underlying cause is improper handling of Content-Type header data, enabling an attacker to potentially execute arbitrary code on the device....

CVE-2019-12182

Directory Traversal in Safescan Timemoto and TA-8000 series version 1.0 allows unauthenticated remote attackers to execute code via the administrative API...

Parallels Desktop xHCI Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

CVE-2020-7254

Privilege Escalation vulnerability in the command line interface in McAfee Advanced Threat Defense ATD 4.x prior to 4.8.2 allows local users to execute arbitrary code via improper access controls on the sudo command...

Microsoft Windows Printer Device Context Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

Microsoft Windows ulGetNearestIndexFromColorref Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2016-11021

setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via an OS command in the SystemCommand parameter...

Code execution vulnerability in QQMusic installation package

QQ Music QQMusic is the official music playback software launched by Tencent. A code execution vulnerability exists in the QQMusic installation package. An attacker can exploit the vulnerability to execute task code...

Microsoft Windows Client License Service Elevation of Privilege Vulnerability

Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. An elevation of privilege vulnerability exists in the way memory objects are handled in the Microsoft Windows Client License Service. An attacker could exploit the vulnerability by mea...

Design/Logic Flaw

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Plone DTML SQL Injection

Plone is free and open source content management system. Plone DTML suffers from SQL injection, which can be exploited by remote attackers to submit a special SQL request to manipulate the database, which can obtain sensitive information or execute arbitrary code...

CVE-2014-8126

The scheduler in HTCondor before 8.2.6 allows remote authenticated users to execute arbitrary code...

Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2019-1362)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2019-1308)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KLA11647 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability in speech recognizer can be...