CVE-2017-4907

VMware Unified Access Gateway 2.5.x, 2.7.x, 2.8.x prior to 2.8.1 and Horizon View 7.x prior to 7.1.0, 6.x prior to 6.2.4 contain a heap buffer-overflow vulnerability which may allow a remote attacker to execute code on the security gateway...

CVE-2017-4908

VMware Workstation 12.x prior to 12.5.3 and Horizon View Client 4.x prior to 4.4.0 contain multiple heap buffer-overflow vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs...

CVE-2016-8228

In Lenovo Service Bridge before version 4, a user with local privileges on a system could execute code with administrative privileges...

CVE-2017-5688

There is an escalation of privilege vulnerability in the Intel Solid State Drive Toolbox versions before 3.4.5 which allow a local administrative attacker to load and execute arbitrary code...

CVE-2017-2306

On Juniper Networks Junos Space versions prior to 16.1R1, due to an insufficient authorization check, readonly users on the Junos Space administrative web interface can execute code on the device...

The vulnerability of the Android operating system’s kernel subsystem allows a hacker to execute arbitrary code.

The vulnerability of the Android operating system’s kernel subsystem is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary code within the kernel context, using a local malware application...

CVE-2017-2514

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted we...

Quest Privilege Manager Elevation of Privilege Vulnerability

Quest Privilege Manager is a comprehensive solution for user privilege management that provides the core functionality needed to quickly elevate and manage user and administrative privileges. pmmasterd is one of the encryption programs. A security vulnerability exists in pmmasterd in Quest...

Google Android Mediaserver elevation of privilege vulnerability (CNVD-2017-06872)

Google Android is a Linux-based operating system for smartphone devices. A security vulnerability exists in Google Android Mediaserver, which can be exploited by remote attackers to build malicious applications, execute arbitrary code, and elevate privileges...

Google Android Framework APIs elevation of privilege vulnerability (CNVD-2017-08230)

Google Android is a Linux-based operating system for smartphone devices. An elevation of privilege vulnerability exists in the Google Android Framework APIs, which can be exploited by remote attackers to build malicious applications, execute arbitrary code, and elevate privileges...

Advantech WebAccess Directory Traversal Vulnerability (CNVD-2017-06980)

Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. A directory traversal vulnerability exists in Advantech...

Linux Kernel Heap Buffer Overflow Vulnerability (CNVD-2017-06742)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. The Linux kernel suffers from a heap buffer overflow vulnerability that can be exploited by a local attacker to execute arbitrary code on an affected system. A failed exploit...

The vulnerability of the iOS operating system, which allows a hacker to execute arbitrary code

The vulnerability of the WebKit component of the iOS operating system arises from the distribution and initialization of resources using incompatible types. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Adobe Reader DC JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

CVE-2016-8235

Privilege escalation in Lenovo Customer Care Software Development Kit CCSDK versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges...

Code injection

In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/apptheme/libs/savefile.php" and then execute code...

Google Android Mediaserver Code Execution Vulnerability (CNVD-2017-04725)

Google Android is a mobile operating system based on the Linux open kernel. Google Android suffers from a security vulnerability in the Mediaserver implementation, which allows remote attackers to exploit the vulnerability to construct special media files and trick users into parsing them, which...

Apple iOS webkit memory corruption vulnerability (CNVD-2017-05602)

Apple iOS is an operating system for Apple smart devices. A memory corruption vulnerability exists in Webkit used by Apple iOS, which allows attackers to exploit the vulnerability to build malicious web pages that can be clicked on by users, which can crash the application or execute arbitrary co...

Apple iOS webkit memory corruption vulnerability (CNVD-2017-05603)

Apple iOS is an operating system for Apple smart devices. A memory corruption vulnerability exists in Webkit used by Apple iOS, which allows attackers to exploit the vulnerability to build malicious web pages that can be clicked on by users, which can crash the application or execute arbitrary co...

WebKit memory corruption vulnerability in multiple Apple products (CNVD-2017-04675)

Apple iOS, Safari, and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser that comes with Mac OS X and iOS operating systems; and tvOS is an operating system for smart TVs. webKit is an open source web...