CVE-2018-0103

A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format ARF files could allow a local attacker to execute arbitrary code on the system of a user. The attacker could exploit this vulnerability by sending the user a link or email attachment with a...

Cisco WebEx Network Recording Player Buffer Overflow Vulnerability (CNVD-2018-02227)

Cisco WebEx Network Recording Player is an application used to play back WebEx meeting minutes recorded on the computers of online meeting participants. A buffer overflow vulnerability exists in Cisco WebEx Network Recording Player. A local attacker could exploit this vulnerability by sending a...

Flaw Found In Dirty COW Patch

A flaw in the original patch for the notorious Dirty COW vulnerability could allow an adversary to run local code on affected systems and exploit a race condition to perform a privilege escalation attack. The flaw in the Dirty COW patch CVE-2016-5195, released in October 2016, was identified by...

CVE-2017-5706

Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code...

Cisco FindIT Network Discovery Utility Local Arbitrary Code Execution Vulnerability

Cisco FindIT Network Discovery Utility is a network device manager from Cisco USA. The product provides management functions for Cisco network devices. A local arbitrary code execution vulnerability exists in Cisco FindIT Network Discovery Utility that originates when the program loads a maliciou...

Cisco Immunet antimalware installer untrustworthy search path vulnerability

Cisco Immunet antimalware is a set of malware protection programs from Cisco USA. installer is one of the installers. An untrusted search path vulnerability exists in the installer of Cisco Immunet antimalware, which results from insufficient input detection of paths and filenames before loading ...

PT-2017-3132 · Intel · Intel Management Engine +3

Name of the Vulnerable Software and Affected Versions: Intel Manageability Engine Firmware versions 8.x through 11.20 Description: The issue is related to multiple buffer overflows in Active Management Technology AMT that can be exploited by an attacker with local access to the system, allowing...

UBUNTU-CVE-2017-16837

Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...

The vulnerability of the `load_elf_binary` function in the Linux operating system’s kernel allows a hacker to execute arbitrary code.

The vulnerability of the loadelfbinary function in the Linux operating system’s kernel arises from the improper allocation of the address range for the binary file PIE. This occurs when the CONFIGARCHBINFMTELFRANDOMIZEPIE configuration option is enabled, and the usual strategy for allocating...

Bitdefender Total Security Local Code Execution Vulnerability (CNVD-2017-35574)

Bitdefender Total Security is a security solution. A local code execution vulnerability exists in Bitdefender Total Security. A local attacker can exploit this issue to execute arbitrary code in the context of an affected application...

Bitdefender Total Security Local Code Execution Vulnerability

Bitdefender Total Security is a security solution. A local code execution vulnerability exists in Bitdefender Total Security. A local attacker can exploit this issue to execute arbitrary code in the context of an affected application...

IrfanView buffer overflow vulnerability (CNVD-2017-30376)

IrfanView is a Bosnia and Herzegovina software developer Irfan Skiljan developed a picture viewer, which supports image browsing, image editing, image format conversion, etc. PDF plugin is one of the PDF document reading plug-ins. IrfanView 4.44 32-bit in the PDF plugin version 4.43 there is a...

CVE-2017-5721

Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory...

STDU Viewer Buffer Overflow Vulnerability (CNVD-2017-30323)

STDU Viewer is a free file viewer that supports multiple formats. The program supports TIFF, PDF, DjVu, XPS and WWF formats. A buffer overflow vulnerability exists in STDU Viewer version 1.6.375. A local attacker can exploit this vulnerability with a specially crafted .djvu file to execute...

XnView Classic for Windows Buffer Overflow Vulnerability (CNVD-2017-27610)

XnView Classic for Windows is an image viewing software for Windows developed by French software developer Gougelet Pierre-Emmanuel. The software can be used to view, convert, organize and edit graphic and video files. A buffer overflow vulnerability exists in version 2.40 of XnView Classic for...

STDU Viewer Buffer Overflow Vulnerability (CNVD-2017-30276)

STDU Viewer is a free file viewer that supports multiple formats. The program supports TIFF, PDF, DjVu, XPS and WWF formats. A buffer overflow vulnerability exists in STDU Viewer version 1.6.375. A local attacker can exploit this vulnerability with a specially crafted .xps file to execute arbitra...

STDU Viewer Buffer Overflow Vulnerability (CNVD-2017-30283)

STDU Viewer is a free file viewer that supports multiple formats. The program supports TIFF, PDF, DjVu, XPS and WWF formats. A buffer overflow vulnerability exists in STDU Viewer version 1.6.375. A local attacker can exploit this vulnerability with a specially crafted .xps file to execute arbitra...

STDU Viewer Buffer Overflow Vulnerability (CNVD-2017-30285)

STDU Viewer is a free file viewer that supports multiple formats. The program supports TIFF, PDF, DjVu, XPS and WWF formats. A buffer overflow vulnerability exists in STDU Viewer version 1.6.375. A local attacker can exploit this vulnerability with a specially crafted .xps file to execute arbitra...

CVE-2016-5759

CVE-2016-5759 affects the mkdumprd script used by kdump environments. The vulnerability arises because mkdumprd can invoke dracut from the current directory (./dracut), enabling a local attacker to trick the administrator into executing code with root privileges. Public sources (NVD, SUSE and Red...

CVE-2017-11158

Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse 1 shfolder.dll, 2 ntmarta.dll, 3 secur32.dll or 4 dwmapi.dll file in th...