CVE-2013-1607

Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerability...

CVE-2013-1607

Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerability...

Extreme Office 2019 has a code execution vulnerability

Extreme Office is an independently controlled office learning software developed by Beijing Haiteng Times Technology Co. Extreme Office 2019 suffers from a code execution vulnerability that can be exploited by an attacker to execute code or cause a denial of service...

SUSE-SU-2020:0360-1 Security update for e2fsprogs

This update for e2fsprogs fixes the following issues: - CVE-2019-5188: Fixed a code execution vulnerability in the directory rehashing functionality bsc1160571...

Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server bundled with IBM WebSphere Application Server Patterns

Summary WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting WebSphere Application Server have been published in multiple security bulletins. Vulnerability Details Refer to the security bulletinss...

Google Chrome Code Execution Vulnerability (CNVD-2020-04538)

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome, which can be exploited by an attacker to execute arbitrary code or cause a denial of service condition on a system...

OPENSUSE-SU-2020:0166-1 Security update for e2fsprogs

This update for e2fsprogs fixes the following issues: - CVE-2019-5188: Fixed a code execution vulnerability in the directory rehashing functionality bsc1160571. This update was imported from the SUSE:SLE-15:Update update project...

Windscribe WindscribeService Named Pipe Privilege Escalation

The Windscribe VPN client application for Windows makes use of a Windows service WindscribeService.exe which exposes a named pipe \.\pipe\WindscribeService allowing execution of programs with elevated privileges. Windscribe versions prior to 1.82 do not validate user-supplied program names,...

OPENSUSE-SU-2020:0142-1 Security update for shadowsocks-libev

This update for shadowsocks-libev fixes the following issues: - Update version to 3.3.3 Refine the handling of suspicious connections. Fix exploitable denial-of-service vulnerability exists in the UDPRelay functionality boo1158251, CVE-2019-5163 Fix code execution vulnerability in the ss-manager...

New 'CacheOut' Attack Leaks Data from Intel CPUs, VMs and SGX Enclave

Another month, another speculative execution vulnerability found in Intel processors. If your computer is running any modern Intel CPU built before October 2018, it's likely vulnerable to a newly discovered hardware issue that could allow attackers to leak sensitive data from the OS kernel,...

Trend Micro Security Code Execution Vulnerability

Trend Micro Security is a suite of computer security. A code execution vulnerability exists in Trend Micro Security that can be exploited by an attacker to elevate privileges using a malware program...

Description of the security update for Excel 2010: January 14, 2020

Description of the security update for Excel 2010: January 14, 2020 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft Excel software when the software fails to properly handle objects in memory. To learn more about the vulnerability, see Microsof...

Description of the security update for Excel 2013: January 14, 2020

Description of the security update for Excel 2013: January 14, 2020 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft Excel software if the software does not correctly handle objects in memory. To learn more about the vulnerability, see Microsoft...

Security Updates for Internet Explorer (January 2020)

The Internet Explorer installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability : - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in su...

CVE-2013-6225

LiveZilla 5.0.1.4 has a Remote Code Execution vulnerability...

The vulnerability of the filemanager2.php component of the CentOS Web Panel management application allows a hacker to execute arbitrary HTML code or JavaScript scripts.

The vulnerability of the filemanager2.php component of the CentOS Web Panel management application relates to the lack of measures for sanitizing input data. Exploiting this vulnerability could allow an attacker to execute arbitrary HTML code or JavaScript scripts...

E2fsprogs e2fsck rehash.c mutate_name() Code Execution Vulnerability

Summary A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. Test...

MGASA-2020-0006 Updated shadowsocks-libev packages fix security vulnerabilities

Updated shadowsocks-libev packages fix security vulnerabilities: Exploitable denial-of-service vulnerability exists in the UDPRelay functionality CVE-2019-5163. Code execution vulnerability in the ss-manager binary CVE-2019-5164...

Command Execution Vulnerability in WDJA Web Content Management System

WDJA Web Content Management System is a set of existing modules can be expanded and cloned PHP open source CMS system , using UTF-8 coding , to take the language/code/program two separate technical modes . WDJA Web Content Management System has a command execution vulnerability that can be...

EulerOS 2.0 SP3 : freerdp (EulerOS-SA-2019-2580)

According to the versions of the freerdp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted serve...