2019 matches found
CVE-2018-15909
In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code...
CVE-2018-15910
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code...
CVE-2018-15910
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code...
CVE-2018-3784
A code injection in cryo 0.0.6 allows an attacker to arbitrarily execute code due to insecure implementation of deserialization...
Intel Smart Sound Technology Driver Module Elevation of Privilege Vulnerability (CNVD-2018-15605)
Intel Smart Sound Technology is an integrated audio DSP Digital Signal Processor from Intel USA, which is mainly used to process audio, support voice interaction and so on. An elevation of privilege vulnerability exists in the driver module in versions prior to Intel Smart Sound Technology...
VMSA-2018-0022:VMware Workstation and Fusion updates address an out-of-bounds write issue
VMSA-2018-0022 VMware Workstation and Fusion updates address an out-of-bounds write issue VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0022 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware Workstation and Fusion updates address an...
VMWare Horizon Client wswc_sharedMem_shared Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of VMware Horizon Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...
Insteon Hub Buffer Overflow Vulnerability
The Insteon Hub is an Insteon central controller product from Insteon USA. This product can remotely control light bulbs, wall switches, air conditioners and more in your home. A buffer overflow vulnerability exists in the Insteon Hub using firmware version 1012. An attacker could exploit the...
CVE-2018-14246
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2018-14311
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA...
Intel Quartus II Elevation of Privilege Vulnerability
Intel Quartus II is a suite of software for hardware programming from the American company Intel Intel. An elevation of privilege vulnerability exists in Intel Quartus II versions 11.0 through 15.0. A local attacker could exploit this vulnerability to execute arbitrary code...
Passenger: Multiple Vulnerabilities
Background Passenger runs and manages your Ruby, Node.js, and Python apps. Description Multiple vulnerabilities have been discovered in Passenger. Please review the CVE identifiers referenced below for details. Impact A remote attacker could escalate privileges, execute arbitrary code, cause a...
AVEVA InTouch Buffer Overflow Vulnerability
AVEVA InTouch is an embedded HMI software package from AVEVA Group plc in the UK. The product provides read and write tagging and event monitoring functionality for HMI clients. A security vulnerability exists in AVEVA InTouch. A remote attacker could exploit this vulnerability by sending special...
Out-of-bounds
An exploitable out-of-bounds write exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability...
CVE-2018-3858
An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and...
CVE-2018-0343
A vulnerability in the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary code with vmanage user privileges or cause a denial of service DoS condition on an affected system. The vulnerability is due to insufficient...
CVE-2018-0343
A vulnerability in the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary code with vmanage user privileges or cause a denial of service DoS condition on an affected system. The vulnerability is due to insufficient...
Adobe Acrobat Pro DC U3D PCX Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2018-4858
A vulnerability has been identified in IEC 61850 system configurator All versions V5.80, DIGSI 5 affected as IEC 61850 system configurator is incorporated All versions V7.80, DIGSI 4 All versions V4.93, SICAM PAS/PQS All versions V8.11, SICAM PQ Analyzer All versions V3.11, SICAM SCC All versions...
Code injection
Incorrect Permission Assignment on the /var/www/xms/cleanzip.sh shell script run periodically in Dialogic PowerMedia XMS through 3.5 allows local users to execute code as the root user...