EulerOS 2.0 SP5 : e2fsprogs (EulerOS-SA-2019-2140)
According to the version of the e2fsprogs packages installed, the EulerOS installation on the remote host is affected by the following vulnerability: - The e2fsprogs package contains a number of utilities for creating, checking, modifying, and correcting any inconsistencies in second, third and...
GLSA-201911-02 : pump: User-assisted execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-201911-02 pump: User-assisted execution of arbitrary code It was discovered that there was an arbitrary code execution vulnerability in the pump DHCP/BOOTP client. Impact : A remote attacker, by enticing a user to connect to a...
OPENSUSE-SU-2019:2441-1 Security update for php7
This update for php7 fixes the following issues: Security issue fixed: - CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999). This update was imported from the SUSE:SLE-15:Update update project...
Security fix for the ALT Linux 8 package sudo version 1:1.8.28-alt1
1:1.8.28-alt1 built Oct. 31, 2019 Ivan Zakharyaschev in task 240030 Oct. 15, 2019 Evgeny Sinelnikov - Update to autumn security release closes: 37334 - Code execution with euid==0 in rare box configurations fixes: CVE-2019-14287 - Fix post script for sudowheel control in case of upgrade in not...
CVE-2019-17323
CVE-2019-17323 affects ClipSoft REXPERT (versions 1.0.0.527 and earlier). The vulnerability is an XML injection in the Rexpert viewer's report printing function, enabling arbitrary file creation and execution. Exploitation requires user interaction: the target must visit a malicious web page. Imp...
CVE-2019-17323
ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation and execution via report print function of rexpert viewer with modified XML document. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page...
Command Execution Vulnerability in ThinkCMFX
ThinkCMF is a Chinese content management framework based on ThinkPHP+MySQL, of which the X series is based on ThinkPHP 3.2.3. A command execution vulnerability exists in ThinkCMFX, which can be exploited by attackers to execute malicious code...
CVE-2019-15678
TightVNC code version 1.3.10 contains a heap buffer overflow in the rfbServerCutText handler, which can potentially result in code execution. This attack appears to be exploitable via network connectivity...
Security Updates for Microsoft Office Online Server Apps (May 2019)
The Microsoft Office Online Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who...
CMSimple has a code execution vulnerability
CMSimple is a small PHP-based web content management tool. A code execution vulnerability exists in CMSimple that can be exploited by an attacker to execute arbitrary code...
SUSE-SU-2019:2158-1 Security update for postgresql94
This update for postgresql94 fixes the following issues: Security issue fixed: - CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner (bsc#1145092)...
Android-Gif-Drawable Open Source Library Code Execution Vulnerability
Android-Gif-Drawable is an open source library for viewing and drawing GIFs on Android. It renders frames through Giflib bundled via JNI, which is more efficient than using the WebView class or the Movie class. Android-Gif-Drawable open...
CVE-2019-5094
An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability...
CVE-2019-16759
vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request...
Code execution vulnerability in rgcms
The RuiGu information management system (RGCMS) is an open source site management system written in PHP; its listed features are that it is free, extensible, fast, secure, and open source. RGCMS has a code execution vulnerability that attackers can exploit to obtain...
McAfee Total Protection MTP Free Antivirus Trial Code Issue Vulnerability
McAfee Total Protection MTP is a suite of antivirus software from McAfee, Inc. MTP Free Antivirus Trial is its free trial version. A code issue vulnerability exists in the Microsoft Windows client in McAfee Total Protection MTP Free Antivirus Trial 16.0.R18 and prior versions. An attacker could...
Google Chrome V8 Code Execution Vulnerability (CNVD-2019-42757)
Google Chrome is a web browser. A security vulnerability exists in the way Google Chrome's V8 engine handles content. Remote attackers can exploit it by building malicious web pages and tricking users into parsing them, which can crash the application or execute arbitrary code...
Delta Industrial Automation TPEditor TPE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
CVE-2019-0355
SAP NetWeaver Application Server Java Web Container, ENGINEAPI before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 and SAP-JEECOR before versions 6.40, 7.0, 7.01, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the...
OPENSUSE-SU-2019:2108-1 Security update for SDL2_image
This update for SDL2_image fixes the following issues: Update to new upstream release 2.0.5. Security issues fixed: TALOS-2019-0820 CVE-2019-5051: exploitable heap-based buffer overflow vulnerability when loading a PCX file (boo#1140419) TALOS-2019-0821 CVE-2019-5052: exploitable integer overflow...