147 matches found
KLA11943 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. Elevation of privilege vulnerability on...
CVE-2019-9450
In the Android kernel in the FingerTipS touchscreen driver there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2019-9275
In the Android kernel in the mnh driver there is a use after free due to improper locking. This could lead to escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
Adobe Reader 2017 Security Update (APSB20-05) - Mac OS X
Adobe Reader 2017 is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you c...
KLA11639 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, bypass security restrictions, spoof user interface, cause denial of service. Below is a complete list of...
Information disclosure
In the proc filesystem, there is a possible information disclosure due to log information disclosure. This could lead to local disclosure of app and browser activity with User execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android...
Adobe Acrobat 2017 Security Updates (APSB19-02) - Windows
Adobe Acrobat 2017 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat";...
Out-of-bounds
In nfcllcpbuildsdreqtlv of llcpcommands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel...
CVE-2018-9385
In driveroverridestore of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android I...
CVE-2018-10856
It has been discovered that podman does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container...
MGASA-2018-0098 Updated glibc packages fix security vulnerabilities
An issue in the code handling RPATHs was fixed that could have been exploited by an attacker to execute code loaded from arbitrary libraries CVE-2017-16997. A privilege escalation bug in the realpath function when the getcwd system call doesn't return a valid absolute pathname CVE-2018-1000001...
Icecream Apps Insecure File Permissions / Privilege Escalation
Exploit Title: Multiple Icecream Apps Local Privilege Escalation Date: 13/09/2016 Exploit Author: Tulpa Contact: [email protected] Author website: www.tulpa-security.com Vendor Homepage: icecreamapps.com Software Versions Affected: Icecream Ebook Reader 4.21 | Icecream Screen Recorder 4.21...
Centreon <= 2.5.3 Multiple Vulnerabilities - Active Check
Centreon is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:centreon:centreon"; ifdescription...
HP Service Manager / HP ServiceCenter multiple security vulnerabilities
Code execution, privilege escalation, information leakage, XSS...
CentOS Update for firefox CESA-2013:0820 centos5
Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2013:0820 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Oracle Hyperion Financial Management ActiveX Heap Overflow
Added: 11/21/2011 BID: 50565 OSVDB: 76913 Background Oracle Hyperion Financial Management is a web-based financial consolidation, reporting and analysis solution. Problem Hyperion Financial Management webapp installs an ActiveX control on the target system. This control is marked as safe for...
CentOS Update for thunderbird CESA-2011:0474 centos4 i386
Check for the Version of thunderbird OpenVAS Vulnerability Test CentOS Update for thunderbird CESA-2011:0474 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
GLSA-200707-01 : Firebird: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200707-01 Firebird: Buffer overflow Cody Pierce from TippingPoint DVLabs has discovered a buffer overflow when processing 'connect' requests with an overly large 'pcnctcount' value. Impact : An unauthenticated remote attacker coul...
VMware未明缓冲区溢出漏洞
VMWare是一款虚拟PC软件,允许在一台机器上同时运行两个或多个Windows、DOS、LINUX系统。 VMWare存在未明缓冲区溢出问题,远程攻击者可以利用漏洞以系统进程权限执行任意指令。 目前没有详细漏洞细节提供。 VMWare ESX Server 3.0.1 VMWare ESX Server 3.0 升级到最新程序: http://www.vmware.com/...
JVN#31185550 tDiary arbitrary Ruby script execution vulnerability
Impact Depending on tDiary's configuration, an arbitrary Ruby script could be executed on the web server with tDiary's execution privilege. This could lead to information leak or erasure, password compromise, and contents alteration, etc. Solution Products Affected tDiary 2.0.3 tDiary...