Lucene search
K

4323 matches found

CNVD
CNVD
added 2017/10/30 12:0 a.m.0 views

Bitdefender Total Security Local Code Execution Vulnerability (CNVD-2017-35574)

Bitdefender Total Security is a security solution. A local code execution vulnerability exists in Bitdefender Total Security. A local attacker can exploit this issue to execute arbitrary code in the context of an affected application...

7.8AI score
Exploits0References1
CNVD
CNVD
added 2017/10/27 12:0 a.m.1 views

Bitdefender Total Security Local Code Execution Vulnerability

Bitdefender Total Security is a security solution. A local code execution vulnerability exists in Bitdefender Total Security. A local attacker can exploit this issue to execute arbitrary code in the context of an affected application...

7.8AI score
Exploits0References1
CNVD
CNVD
added 2017/10/12 12:0 a.m.4 views

IrfanView buffer overflow vulnerability (CNVD-2017-30376)

IrfanView is a Bosnia and Herzegovina software developer Irfan Skiljan developed a picture viewer, which supports image browsing, image editing, image format conversion, etc. PDF plugin is one of the PDF document reading plug-ins. IrfanView 4.44 32-bit in the PDF plugin version 4.43 there is a...

7.8CVSS8.2AI score0.02538EPSS
Exploits0References1
OSV
OSV
added 2017/10/11 12:29 a.m.3 views

CVE-2017-5721

Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory...

7.5CVSS6AI score0.00865EPSS
Exploits0References1
CNVD
CNVD
added 2017/09/19 12:0 a.m.1 views

STDU Viewer Buffer Overflow Vulnerability (CNVD-2017-30276)

STDU Viewer is a free file viewer that supports multiple formats. The program supports TIFF, PDF, DjVu, XPS and WWF formats. A buffer overflow vulnerability exists in STDU Viewer version 1.6.375. A local attacker can exploit this vulnerability with a specially crafted .xps file to execute arbitra...

7.8CVSS8.1AI score0.00364EPSS
Exploits0References1
CNVD
CNVD
added 2017/09/19 12:0 a.m.0 views

STDU Viewer Buffer Overflow Vulnerability (CNVD-2017-30323)

STDU Viewer is a free file viewer that supports multiple formats. The program supports TIFF, PDF, DjVu, XPS and WWF formats. A buffer overflow vulnerability exists in STDU Viewer version 1.6.375. A local attacker can exploit this vulnerability with a specially crafted .djvu file to execute...

7.8CVSS8.1AI score0.00373EPSS
Exploits0References1
CNVD
CNVD
added 2017/09/19 12:0 a.m.3 views

STDU Viewer Buffer Overflow Vulnerability (CNVD-2017-30283)

STDU Viewer is a free file viewer that supports multiple formats. The program supports TIFF, PDF, DjVu, XPS and WWF formats. A buffer overflow vulnerability exists in STDU Viewer version 1.6.375. A local attacker can exploit this vulnerability with a specially crafted .xps file to execute arbitra...

7.8CVSS8.1AI score0.00364EPSS
Exploits0References1
CNVD
CNVD
added 2017/09/19 12:0 a.m.2 views

STDU Viewer Buffer Overflow Vulnerability (CNVD-2017-30285)

STDU Viewer is a free file viewer that supports multiple formats. The program supports TIFF, PDF, DjVu, XPS and WWF formats. A buffer overflow vulnerability exists in STDU Viewer version 1.6.375. A local attacker can exploit this vulnerability with a specially crafted .xps file to execute arbitra...

7.8CVSS8.1AI score0.00373EPSS
Exploits0References1
CNVD
CNVD
added 2017/09/19 12:0 a.m.3 views

XnView Classic for Windows Buffer Overflow Vulnerability (CNVD-2017-27610)

XnView Classic for Windows is an image viewing software for Windows developed by French software developer Gougelet Pierre-Emmanuel. The software can be used to view, convert, organize and edit graphic and video files. A buffer overflow vulnerability exists in version 2.40 of XnView Classic for...

7.8CVSS7.9AI score0.00373EPSS
Exploits0References1
CVE
CVE
added 2017/09/08 6:0 p.m.54 views

CVE-2016-5759

CVE-2016-5759 affects the mkdumprd script used by kdump environments. The vulnerability arises because mkdumprd can invoke dracut from the current directory (./dracut), enabling a local attacker to trick the administrator into executing code with root privileges. Public sources (NVD, SUSE and Red...

7.8CVSS7.4AI score0.00382EPSS
Exploits0References2Affected Software3
OSV
OSV
added 2017/08/31 1:29 p.m.4 views

CVE-2017-11158

Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse 1 shfolder.dll, 2 ntmarta.dll, 3 secur32.dll or 4 dwmapi.dll file in th...

7.8CVSS6.1AI score
Exploits0References1
CNVD
CNVD
added 2017/08/30 12:0 a.m.2 views

The Sleuth Kit Buffer Overflow Vulnerability

The Sleuth Kit TSK is a collection of data forensic tools developed by software developer Brian Carrier. The tools are able to analyze file systems such as FAT, NTFS, UFS, etc. and provide detailed information about the file system, including deleted data. A buffer overflow vulnerability exists i...

5.5CVSS7.2AI score0.00744EPSS
Exploits1References1
OSV
OSV
added 2017/08/29 1:29 p.m.3 views

CVE-2017-10950

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Bitdefender Total Security 21.0.24.62. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

7CVSS6.2AI score0.00344EPSS
Exploits0References2
CVE
CVE
added 2017/08/29 1:0 p.m.54 views

CVE-2017-10950

CVE-2017-10950 affects Bitdefender Total Security (bdfwfpf kernel driver). The vulnerability lies in the handling of IOCTL 0x8000E038 where the driver fails to validate the existence of an object before operating on it, enabling a local attacker to execute arbitrary code in the SYSTEM context. Ex...

7CVSS7AI score0.00344EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/08/23 3:29 p.m.3 views

CVE-2017-11159

Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader before 1.4.2-084 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse 1 shfolder.dll, 2 ntmarta.dll, 3 secur32.dll or 4 dwmapi.dll file in the...

7.8CVSS6.1AI score
Exploits0References1
OSV
OSV
added 2017/08/18 7:29 p.m.3 views

CVE-2017-11160

Multiple untrusted search path vulnerabilities in installer in Synology Assistant before 6.1-15163 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse 1 shfolder.dll, 2 ntmarta.dll, 3 secur32.dll or 4 dwmapi.dll file in the current worki...

7.8CVSS6.1AI score0.00432EPSS
Exploits0References1
NVD
NVD
added 2017/08/18 4:29 p.m.22 views

CVE-2015-3649

The open-uri-cached rubygem allows local users to execute arbitrary Ruby code by creating a directory under /tmp containing "openuri-" followed by a crafted UID, and putting Ruby code in said directory once a meta file is created...

7.8CVSS7.7AI score0.00388EPSS
Exploits0References6
CNVD
CNVD
added 2017/08/14 12:0 a.m.2 views

SIMPlight SCADA Software DLL Load Local Code Execution Vulnerability

SIMPlight SCADA is software for building management systems and automation equipment. SIMPlight SCADA Software suffers from a DLL Load Native Code Execution vulnerability that could be exploited by an attacker to submit a special file to trick a user into requesting and elevating privileges...

7CVSS7AI score0.01356EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/11 12:0 a.m.1 views

Solar Controls WATTConfig M Software DLL Load Local Code Execution Vulnerability

Solar Controls WATTConfig M Software is a suite of software for use in Solar Controls devices from Solar Controls, Czech Republic. A security vulnerability exists in Solar Controls WATTConfig M Software version 2.5.10.1 and earlier. The vulnerability can be exploited by an attacker to execute...

9.3CVSS8AI score0.01761EPSS
Exploits0References1
Prion
Prion
added 2017/08/08 7:29 p.m.15 views

Denial of service

HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion before 4.0.24 uses weak permissions for the sudo helper scripts, allows local users to execute arbitrary code with root privileges by overwriting one of the scripts...

7.2CVSS8.7AI score0.01109EPSS
Exploits3References3Affected Software1
Rows per page
Query Builder