Drupal 8.x < 8.2.7 Multiple Vulnerabilities (SA-2017-001)

The version of Drupal running on the remote web server is 8.x prior to 8.2.7. It is, therefore, affected by the multiple vulnerabilities : - A security bypass vulnerability exists in the editor module due to a failure to properly check access restrictions when adding private files with a configur...

Google Chrome ANGLE Memory Misreference Vulnerability

Google Chrome is a popular web browser. A memory misreference vulnerability exists in Google Chrome ANGLE, which allows remote attackers to exploit the vulnerability to build malicious WEB pages that can be tricked into parsing by the user, which can crash the application or execute arbitrary cod...

Ubuntu: Security Advisory (USN-3232-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KLA10979 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, gain privileges, obtain sensitive information and cause a denial of service. Below is a complete list of vulnerabilitie...

gdk-pixbuf 'make_available_at_least' function denial of service vulnerability

gdk-pixbuf is a toolkit for image loading and pixel buffer processing. A security vulnerability in the gdk-pixbuf 'makeavailableatleast' function allows remote attackers to build malicious files that can be exploited to trick an application into parsing, which can crash the application or execute...

Ubuntu: Security Advisory (USN-3222-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

CVE-2017-0528

An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation...

CVE-2017-0528

An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation...

CVE-2017-5613

Format string vulnerability in cgiemail and cgiecho allows remote attackers to execute arbitrary code via format string specifiers in a template file...

The vulnerability of the iOS operating system and the Safari browser allows a perpetrator to trigger a service failure or execute arbitrary code.

The vulnerability of the WebKit component of the iOS operating system and the Safari browser arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure memory corruption,...

CVE-2016-7626

An issue was discovered in certain Apple products. iOS before 10.2 is affected. tvOS before 10.1 is affected. watchOS before 3.1.1 is affected. The issue involves the "Profiles" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and...

Adobe Digital Editions Buffer Overflow Vulnerability (CNVD-2017-01794)

Adobe Digital Editions is a lightweight e-book reader from Adobe, USA. A buffer overflow vulnerability exists in Adobe Digital Editions, which can be exploited by an attacker to execute arbitrary code and cause a memory leak...

CVE-2017-0419

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally...

CVE-2017-0418

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally...

UBUNTU-CVE-2017-0450

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate because it is mitigated by current platform configurations. Product: Android. Versions: N/A...

Code injection

IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server...

CVE-2016-8932

IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server...

Code injection

IBM FileNet WorkPlace XT could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server...

CVE-2016-8921

IBM FileNet WorkPlace XT could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server...