1914 matches found
Linux Kernel Heap Buffer Overflow Vulnerability (CNVD-2017-06742)
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. The Linux kernel suffers from a heap buffer overflow vulnerability that can be exploited by a local attacker to execute arbitrary code on an affected system. A failed exploit...
Adobe Reader DC JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2016-8235
Privilege escalation in Lenovo Customer Care Software Development Kit CCSDK versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges...
Code injection
In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/apptheme/libs/savefile.php" and then execute code...
Google Android Mediaserver Code Execution Vulnerability (CNVD-2017-04725)
Google Android is a mobile operating system based on the Linux open kernel. Google Android suffers from a security vulnerability in the Mediaserver implementation, which allows remote attackers to exploit the vulnerability to construct special media files and trick users into parsing them, which...
Apple iOS webkit memory corruption vulnerability (CNVD-2017-05603)
Apple iOS is an operating system for Apple smart devices. A memory corruption vulnerability exists in Webkit used by Apple iOS, which allows attackers to exploit the vulnerability to build malicious web pages that can be clicked on by users, which can crash the application or execute arbitrary co...
Apple iOS webkit memory corruption vulnerability (CNVD-2017-05602)
Apple iOS is an operating system for Apple smart devices. A memory corruption vulnerability exists in Webkit used by Apple iOS, which allows attackers to exploit the vulnerability to build malicious web pages that can be clicked on by users, which can crash the application or execute arbitrary co...
WebKit memory corruption vulnerability in multiple Apple products (CNVD-2017-04675)
Apple iOS, Safari, and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser that comes with Mac OS X and iOS operating systems; and tvOS is an operating system for smart TVs. webKit is an open source web...
Drupal 8.x < 8.2.7 Multiple Vulnerabilities (SA-2017-001)
The version of Drupal running on the remote web server is 8.x prior to 8.2.7. It is, therefore, affected by the multiple vulnerabilities : - A security bypass vulnerability exists in the editor module due to a failure to properly check access restrictions when adding private files with a configur...
Google Chrome ANGLE Memory Misreference Vulnerability
Google Chrome is a popular web browser. A memory misreference vulnerability exists in Google Chrome ANGLE, which allows remote attackers to exploit the vulnerability to build malicious WEB pages that can be tricked into parsing by the user, which can crash the application or execute arbitrary cod...
Ubuntu: Security Advisory (USN-3232-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KLA10979 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, gain privileges, obtain sensitive information and cause a denial of service. Below is a complete list of vulnerabilitie...
gdk-pixbuf 'make_available_at_least' function denial of service vulnerability
gdk-pixbuf is a toolkit for image loading and pixel buffer processing. A security vulnerability in the gdk-pixbuf 'makeavailableatleast' function allows remote attackers to build malicious files that can be exploited to trick an application into parsing, which can crash the application or execute...
Ubuntu: Security Advisory (USN-3222-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
CVE-2017-0528
An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation...
CVE-2017-0528
An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation...
CVE-2017-5613
Format string vulnerability in cgiemail and cgiecho allows remote attackers to execute arbitrary code via format string specifiers in a template file...
CVE-2016-7626
An issue was discovered in certain Apple products. iOS before 10.2 is affected. tvOS before 10.1 is affected. watchOS before 3.1.1 is affected. The issue involves the "Profiles" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and...
Adobe Digital Editions Buffer Overflow Vulnerability (CNVD-2017-01794)
Adobe Digital Editions is a lightweight e-book reader from Adobe, USA. A buffer overflow vulnerability exists in Adobe Digital Editions, which can be exploited by an attacker to execute arbitrary code and cause a memory leak...