Apache Geode Code Execution Vulnerability

Apache Geode cluster is the Apache Software Foundation's platform for providing real-time and consistent access to data for data-intensive applications in distributed cloud architectures. A security vulnerability exists in Apache Geode cluster. A remote attacker can exploit this vulnerability to...

CVE-2017-4950

VMware Workstation and Fusion contain an integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may lead to an out-of-bound read which can then be used to execute code on the host in conjunction with other issues. Note: IPv6 mode for VMNAT is not enabled by...

Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0777)

A remote code execution vulnerability has been reported in Microsoft Edge. The vulnerability is due to an Out-of-Bounds write in the JavaScript engine. A remote attacker can exploit this issue by enticing a victim to open a specially crafted web page that could cause memory corruption in a way th...

CVE-2017-10956

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

CVE-2017-10956

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

CVE-2017-17561

SeaCMS 6.56 allows remote authenticated administrators to execute arbitrary PHP code via a crafted token field to admin/adminping.php, which interacts with data/admin/ping.php...

The vulnerability of the Microsoft Malware Protection Engine, which is used in Microsoft’s built-in security tools, allows a perpetrator to execute code and gain full control over the system.

The vulnerability of the Microsoft Malware Protection Engine is related to errors during the scanning of a specially created file. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code and gain full control over the system using a specially crafted file...

The vulnerability of the SpiderControl SCADA Web Server, related to deficiencies in access control, allows a intruder to execute arbitrary code.

The vulnerability of the SpiderControl SCADA Web Server is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to edit executable service files with elevated privileges and execute arbitrary code within the system services...

CVE-2017-12342

A vulnerability in the Open Agent Container OAC feature of Cisco Nexus Series Switches could allow an unauthenticated, local attacker to read and send packets outside the scope of the OAC. The vulnerability is due to insufficient internal security measures in the OAC feature. An attacker could...

CVE-2017-2714

The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability. An authenticated attacker on the LAN can exploit this vulnerability to execute arbitrary code or cause a denial of service DoS condition in the affected system...

Intel Server Platform Services Firmware Buffer Overflow Vulnerability

Intel Server Platform Services Firmware is a server platform services program used in the CPU Central Processing Unit. A buffer overflow vulnerability exists in Intel Server Platform Services Firmware. This vulnerability could be exploited by an attacker with local access to the system to execute...

Intel® Deep Learning Training Tool Beta 1 security vulnerability

Summary: A vulnerability in the Intel® Deep Learning Training Tool Beta 1 allows a network attacker to remotely execute code as a local user. Description: A vulnerability in the Intel® Deep Learning Training Tool Beta 1 allows a network attacker to remotely execute code as a local user. High 8.3...

Heap overflow

VMware Workstation 12.x before 12.5.8 and Fusion 8.x before 8.5.9 contain a heap buffer-overflow vulnerability in VMNAT device. This issue may allow a guest to execute code on the host...

CVE-2017-4936

VMware Workstation 12.x before 12.5.8 and Horizon View Client for Windows 4.x before 4.6.1 contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstatio...

CVE-2017-4937

VMware Workstation 12.x before 12.5.8 and Horizon View Client for Windows 4.x before 4.6.1 contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstatio...

CVE-2017-4934

VMware Workstation 12.x before 12.5.8 and Fusion 8.x before 8.5.9 contain a heap buffer-overflow vulnerability in VMNAT device. This issue may allow a guest to execute code on the host...

CVE-2017-4936

VMware Workstation 12.x before 12.5.8 and Horizon View Client for Windows 4.x before 4.6.1 contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstatio...

Microsoft Internet Explorer/Edge Memory Corruption Vulnerability

Internet Explorer is a web browser from Microsoft.Microsoft Edge is the web browser built into Windows 10 versions. A memory corruption vulnerability exists in Microsoft Internet Explorer/Edge, which could allow an unauthenticated, remote attacker to execute arbitrary code on the target system...

Microsoft Edge Memory Corruption Vulnerability (CNVD-2017-34926)

Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge is implemented with a memory corruption vulnerability that can be exploited by unauthenticated, remote attackers to execute arbitrary code on the target system and corrupt memory...

Adobe Flash Player Memory Misreference Vulnerability (CNVD-2017-37245)

Adobe Flash Player is a cross-platform, browser-based multimedia player product from Adobe. The product supports cross-screen and browser viewing of applications, content and videos. A memory misreference vulnerability exists in Adobe Flash Player. A remote attacker could exploit this vulnerabili...