4323 matches found
Bitdefender Total Security Local Code Execution Vulnerability (CNVD-2017-35574)
Bitdefender Total Security is a security solution. A local code execution vulnerability exists in Bitdefender Total Security. A local attacker can exploit this issue to execute arbitrary code in the context of an affected application...
Bitdefender Total Security Local Code Execution Vulnerability
Bitdefender Total Security is a security solution. A local code execution vulnerability exists in Bitdefender Total Security. A local attacker can exploit this issue to execute arbitrary code in the context of an affected application...
IrfanView buffer overflow vulnerability (CNVD-2017-30376)
IrfanView is a Bosnia and Herzegovina software developer Irfan Skiljan developed a picture viewer, which supports image browsing, image editing, image format conversion, etc. PDF plugin is one of the PDF document reading plug-ins. IrfanView 4.44 32-bit in the PDF plugin version 4.43 there is a...
CVE-2017-5721
Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory...
STDU Viewer Buffer Overflow Vulnerability (CNVD-2017-30276)
STDU Viewer is a free file viewer that supports multiple formats. The program supports TIFF, PDF, DjVu, XPS and WWF formats. A buffer overflow vulnerability exists in STDU Viewer version 1.6.375. A local attacker can exploit this vulnerability with a specially crafted .xps file to execute arbitra...
STDU Viewer Buffer Overflow Vulnerability (CNVD-2017-30323)
STDU Viewer is a free file viewer that supports multiple formats. The program supports TIFF, PDF, DjVu, XPS and WWF formats. A buffer overflow vulnerability exists in STDU Viewer version 1.6.375. A local attacker can exploit this vulnerability with a specially crafted .djvu file to execute...
STDU Viewer Buffer Overflow Vulnerability (CNVD-2017-30283)
STDU Viewer is a free file viewer that supports multiple formats. The program supports TIFF, PDF, DjVu, XPS and WWF formats. A buffer overflow vulnerability exists in STDU Viewer version 1.6.375. A local attacker can exploit this vulnerability with a specially crafted .xps file to execute arbitra...
STDU Viewer Buffer Overflow Vulnerability (CNVD-2017-30285)
STDU Viewer is a free file viewer that supports multiple formats. The program supports TIFF, PDF, DjVu, XPS and WWF formats. A buffer overflow vulnerability exists in STDU Viewer version 1.6.375. A local attacker can exploit this vulnerability with a specially crafted .xps file to execute arbitra...
XnView Classic for Windows Buffer Overflow Vulnerability (CNVD-2017-27610)
XnView Classic for Windows is an image viewing software for Windows developed by French software developer Gougelet Pierre-Emmanuel. The software can be used to view, convert, organize and edit graphic and video files. A buffer overflow vulnerability exists in version 2.40 of XnView Classic for...
CVE-2016-5759
CVE-2016-5759 affects the mkdumprd script used by kdump environments. The vulnerability arises because mkdumprd can invoke dracut from the current directory (./dracut), enabling a local attacker to trick the administrator into executing code with root privileges. Public sources (NVD, SUSE and Red...
CVE-2017-11158
Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse 1 shfolder.dll, 2 ntmarta.dll, 3 secur32.dll or 4 dwmapi.dll file in th...
The Sleuth Kit Buffer Overflow Vulnerability
The Sleuth Kit TSK is a collection of data forensic tools developed by software developer Brian Carrier. The tools are able to analyze file systems such as FAT, NTFS, UFS, etc. and provide detailed information about the file system, including deleted data. A buffer overflow vulnerability exists i...
CVE-2017-10950
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Bitdefender Total Security 21.0.24.62. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...
CVE-2017-10950
CVE-2017-10950 affects Bitdefender Total Security (bdfwfpf kernel driver). The vulnerability lies in the handling of IOCTL 0x8000E038 where the driver fails to validate the existence of an object before operating on it, enabling a local attacker to execute arbitrary code in the SYSTEM context. Ex...
CVE-2017-11159
Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader before 1.4.2-084 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse 1 shfolder.dll, 2 ntmarta.dll, 3 secur32.dll or 4 dwmapi.dll file in the...
CVE-2017-11160
Multiple untrusted search path vulnerabilities in installer in Synology Assistant before 6.1-15163 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse 1 shfolder.dll, 2 ntmarta.dll, 3 secur32.dll or 4 dwmapi.dll file in the current worki...
CVE-2015-3649
The open-uri-cached rubygem allows local users to execute arbitrary Ruby code by creating a directory under /tmp containing "openuri-" followed by a crafted UID, and putting Ruby code in said directory once a meta file is created...
SIMPlight SCADA Software DLL Load Local Code Execution Vulnerability
SIMPlight SCADA is software for building management systems and automation equipment. SIMPlight SCADA Software suffers from a DLL Load Native Code Execution vulnerability that could be exploited by an attacker to submit a special file to trick a user into requesting and elevating privileges...
Solar Controls WATTConfig M Software DLL Load Local Code Execution Vulnerability
Solar Controls WATTConfig M Software is a suite of software for use in Solar Controls devices from Solar Controls, Czech Republic. A security vulnerability exists in Solar Controls WATTConfig M Software version 2.5.10.1 and earlier. The vulnerability can be exploited by an attacker to execute...
Denial of service
HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion before 4.0.24 uses weak permissions for the sudo helper scripts, allows local users to execute arbitrary code with root privileges by overwriting one of the scripts...