systemtap: signed module loading race condition

The insertmodule function in runtime/staprun/staprunfuncs.c in the systemtap runtime tool staprun in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module...

XnView may insecurely load executable files

Overview XnView may use unsafe methods for determining how to load executables .exe XnView is a software for viewing and converting graphic files. XnView loads certain executables when using the "Open containing folder" function. XnView contains an issue with the file search path, which may...

JVN#17844633: XnView may insecurely load executable files

XnView is a software for viewing and converting graphic files. XnView loads certain executables when using the "Open containing folder" function. XnView contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the...

Opera Browser Multiple Vulnerabilities Jul-11 (Windows)

The host is installed with Opera browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultvulnwin02jul11.nasl 7006 2017-08-25 11:51:20Z teissa $ Opera Browser Multiple Vulnerabilities July-11 Windows Authors: Madhuri D Copyright: Copyright c 2011 Greenbone...

Opera Browser Multiple Vulnerabilities (Jul 2011) - Windows

Opera browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Citrix EdgeSight for Load Testing Detection

Citrix EdgeSight for Load Testing, a system and network monitoring application, is installed on the remote Windows host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid55473; scriptversion"1.9"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/10"...

Citrix EdgeSight for Load Testing < 3.8.1 Remote Code Execution

According to its version number, the Citrix EdgeSight for Load Testing install on the remote Windows host is earlier than 3.8.1. As such, it is affected by a code execution vulnerability in the 'LauncherService.exe' component. C Tenable Network Security, Inc. include"compat.inc"; if description...

Integer overflow

Multiple integer overflows in the loadimage function in file-pcx.c in the Personal Computer Exchange PCX plugin in GIMP 2.6.x and earlier allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PCX image that triggers a heap-based...

Nmap NSE net: nrpe-enum

Queries Nagios Remote Plugin Executor NRPE daemons to obtain information such as load averages, process counts, logged in user information, etc. This script attempts to execute the stock list of commands that are enabled. User-supplied arguments are not supported. SYNTAX: nrpe-enum.cmds: A...

Gimp: Stack-based buffer overflow in Lighting plug-in

Stack-based buffer overflow in the loadpresetresponse function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long Position field...

Gimp: Integer overflow in the PCX image file plug-in

Multiple integer overflows in the loadimage function in file-pcx.c in the Personal Computer Exchange PCX plugin in GIMP 2.6.x and earlier allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PCX image that triggers a heap-based...

Gimp: Integer overflow in the PCX image file plug-in

Multiple integer overflows in the loadimage function in file-pcx.c in the Personal Computer Exchange PCX plugin in GIMP 2.6.x and earlier allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PCX image that triggers a heap-based...

Slackware 10.2 / 11.0 : bind 10.2/11.0 recompile (SSA:2009-015-01)

Updated bind packages are available for Slackware 10.2 and 11.0 to address a load problem. It was reported that the initial build of these updates complained that the Linux capability module was not present and would refuse to load. It was determined that the packages which were compiled on 10.2...

eFront js/scripts.php 'load' Parameter Remote File Inclusion

The version of eFront running on the remote web server is affected by a remote file inclusion vulnerability due to improper sanitization of user-supplied input to the 'load' parameter of the js/scripts.php script before using it in a PHP include function call. An attacker can exploit this issue t...

kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN

The devload function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAPSYSMODULE capability requirement and load arbitrary modules by leveraging the CAPNETADMIN capability...

PT-2013-1385 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.38 Description: The issue allows local users to bypass an intended capability requirement, enabling them to load arbitrary modules. This is achieved by leveraging the CAP NET ADMIN capability in the dev load...

CVE-2011-1446

Google Chrome before 11.0.696.57 allows remote attackers to spoof the URL bar via vectors involving 1 a navigation error or 2 an interrupted load...

Design/Logic Flaw

Google Chrome before 11.0.696.57 allows remote attackers to spoof the URL bar via vectors involving 1 a navigation error or 2 an interrupted load...

CVE-2011-1446

Removed by vendor...

libmodplug: ReadS3M stack overflow vulnerability

Stack-based buffer overflow in the ReadS3M method in loads3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file...