345 matches found
CVE-2019-10207
A flaw was found in the Linux kernel’s Bluetooth implementation of UART. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash...
CVE-2019-10207
A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the syste...
Apache 2.4.17 2.4.38 - apache2ctl graceful logrotate Local Privilege Escalation
Apache 2.4.17 2.4.38 - apache2ctl graceful logrotate Local Privilege Escalation ?php CARPE DIEM: CVE-2019-0211 Apache Root Privilege Escalation Charles Fol @cfreal 2019-04-08 INFOS https://cfreal.github.io/carpe-diem-cve-2019-0211-apache-local-root.html USAGE 1. Upload exploit to Apache HTTP serv...
Internet Bug Bounty: Apache HTTP [2.4.17-2.4.38] Local Root Privilege Escalation
Hello, I reported a Local Root privilege escalation vulnerability on Apache HTTPd at the beginning of the year. Apache has now patched it, as you can see here. The vulnerability affects modprefork, modevent, and modworker, the most used mods on Linux. Basically, this is an arbitrary function call...
CVE-2019-9543
An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readGenericBitmap located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to for example the pdfseparate binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly...
Remote Code Execution (RCE)
microsoft.chakracore is vulnerable to remote code execution. This happens when the NewTarget flag is passed on proxy function call trap. This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801,...
CVE-2018-8015
In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. The impact of this bug is most likely denial-of-service against software that uses the ORC file parser. With the C++ parser, the stack overflow might possibly corrupt the...
CVE-2018-8015
CVE-2018-8015 affects Apache ORC parsers (versions 1.0.0 to 1.4.3). A malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser, most likely causing a denial of service. With the C++ parser, the stack overflow may potentially corrupt the stack. The connected do...
CVE-2018-8015
In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. The impact of this bug is most likely denial-of-service against software that uses the ORC file parser. With the C++ parser, the stack overflow might possibly corrupt the...
CVE-2018-10734
KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a backdoor that prints the login password via a PrintPassword function call in certain circumstances...
Default credentials
KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a backdoor that prints the login password via a PrintPassword function call in certain circumstances...
UBUNTU-CVE-2018-8962
In libming 0.4.8, the decompileSingleArgBuiltInFunctionCall function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file...
Stack overflow
A stack-based buffer overflow Remote Code Execution issue was discovered in Design Science MathType 6.9c. This occurs in a function call in which the first argument is a corrupted offset value and the second argument is a stack buffer. This is fixed in 6.9d...
Moderate: Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
SAP KERNEL Trusted RFC connection security bypass vulnerability
SAP KERNEL is a set of basic technology platforms written in C from SAP in Germany. The platform is a support platform between the underlying layer and the business layer.32 NUC and so on are different versions of it.Trusted RFC connection is one of the RFC connection components. A security...
Double free
Double free in i18n/zonemeta.cpp in International Components for Unicode ICU for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue...
Oracle OIT IX SDK libvs_pdf Root xref Denial of Service Vulnerabiity(CVE-2016-3577)
DESCRIPTION A stack overflow leading to a crash due to unbounded recusive function call is present in the PDF file format parsing code of the IX SDK. TESTED VERSIONS Oracle Outside In IX sdk 8.5.1 PRODUCT URLs http://www.oracle.com/technetwork/middleware/content-management/oit-all-085236.html...
CVE-2017-15264
IrfanView version 4.44 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at image0000000000400000+0x00000000000236e4....
CVE-2017-14281
XnView Classic for Windows Version 2.40 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at jbig2dec+0x00000000000090f1."...
Code Execution Vulnerability in China Knowledge Network CAJViewer Reader
China Knowledge CAJViewer Reader is a specialized full-text format reader for China Journal Network. A code execution vulnerability exists in CAJViewer. The vulnerability is due to insufficient program processing logic, an attacker can construct a specific string to control the address of the...