4382 matches found
Microsoft Windows DNS Server Memory Misreference Vulnerability
Microsoft Windows is a series of operating systems released by the American company Microsoft. A memory misreference vulnerability exists in the Microsoft Windows DNS server, which arises from a failure of the program to properly process a request. An attacker is allowed to exploit the...
UBUNTU-CVE-2015-5723
Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local...
The vulnerability of the Integrated Architecture Builder software, a tool for creating control systems, allows a hacker to execute arbitrary code.
The vulnerability of the IAB.exe component of the Integrated Architecture Builder software, which is used for creating control systems, is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating locally, to execute arbitrary code using a...
CVE-2016-2780
Untrusted search path vulnerability in Huawei UTPS before UTPS-V200R003B015D15SP00C983 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in an unspecified directory...
Red Hat redhat-support-plugin-rhev local code execution vulnerability
Red Hat redhat-support-plugin-rhev is a technology preview feature that seamlessly integrates access to Red Hat Subscription Services from the Red Hat Enterprise Virtualization Management Portal. A security vulnerability in Red Hat redhat-support-plugin-rhev allows local attackers to exploit the...
FTPShell Client 5.24 - Local Buffer Overflow
FTPShell Client 5.24 - Local Buffer Overflow ''' + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/FTPSHELL-v5.24-BUFFER-OVERFLOW.txt Vendor: ================================ www.ftpshell.com Product: ================================...
FTPShell Client 5.24 Buffer Overflow
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/FTPSHELL-v5.24-BUFFER-OVERFLOW.txt Vendor: ================================ www.ftpshell.com Product: ================================ FTPShell Client version 5.24 FTPShell client is a...
KiTTY Portable 0.65.1.1p - Local Saved Session Overflow (Egghunter XP / Denial of Service 7/8.1/10)
Exploit Title: KiTTY Portable Local Code Execution Win7 - Denial Of Service Win8.1 - Denial Of Service Win10 - Denial Of Service...
glibc: data corruption while reading the NSS files database
It was discovered that the nssfiles backend for the Name Service Switch in glibc would return incorrect data to applications or corrupt the heap depending on adjacent heap contents. A local attacker could potentially use this flaw to execute arbitrary code on the system...
Debian: Security Advisory (DSA-3369-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apple OS X intel graphics driver memory corruption vulnerability
Apple OS X is an operating system developed by Apple Inc. A memory corruption vulnerability exists in the Apple OS X Intel graphics driver, which can be exploited by a local attacker to execute arbitrary code with system privileges...
HP LoadRunner < 12.50 Scenario File Local Code Execution
The version of HP LoadRunner installed on the remote host is prior to 12.50. It is, therefore, affected by a local code execution vulnerability due to an overflow condition that is triggered when handling scenario files .lrs. A local attacker can exploit this, via a specially crafted scenario fil...
Oracle Berkeley DB Local Arbitrary Code Execution Vulnerability (CNVD-2015-04784)
Oracle Berkeley DB is the industry's leading open source, embeddable storage engine that provides developers with a fast, reliable native database that requires no administration. A security vulnerability exists in the Oracle Berkeley DB Data Store component that can be exploited by a local...
Oracle Berkeley DB Local Arbitrary Code Execution Vulnerability (CNVD-2015-04779)
Oracle Berkeley DB is the industry-leading open source, embeddable storage engine that provides developers with a fast, reliable native database that requires no administration. A security vulnerability exists in the Oracle Berkeley DB Data Store component that can be exploited by a local attacke...
IBM i Access for Windows Stack Buffer Overflow Vulnerability
IBM i Access for Windows is a suite of client solutions from IBM in the United States that provide access to and use of desktop resources from a variety of different Windows operating systems. A stack buffer overflow vulnerability exists in IBM i Access for Windows that stems from the program's...
python-dbusmock local code execution vulnerability
python-dbusmock is a Python library for creating simulated objects on the D-Bus. A security vulnerability exists in python-dbusmock that allows a local attacker to exploit the vulnerability to execute arbitrary code...
WordPress BackWPUp Plugin 1.7.1 - Remote & Local Code Execution
This plugin is prone to remote and local code execution vulnerability. Solution Update the plugin...
Multiple Local Code Execution Vulnerabilities in DLL Loading for Multiple Rockwell Automation Products
FactoryTalk Services Platform provides regular. services such as diagnostic information, health monitoring services, and real-time data access for products and applications in the FactoryTalk system. Services such as diagnostic information, health monitoring services, and real-time data access ar...
Cisco IP Phones Vulnerable To Remote Eavesdropping
A critical vulnerability in the firmware of Cisco small business phones lets an unauthenticated attacker to remotely eavesdrop on private conversation and make phone calls from vulnerable devices without needing to authenticate, Cisco warned. LISTEN AND MAKE PHONE CALLS REMOTELY The vulnerability...
USN-2507-1 e2fsprogs vulnerabilities
Jose Duart discovered that e2fsprogs incorrectly handled invalid block group descriptor data. A local attacker could use this issue with a crafted filesystem image to possibly execute arbitrary code. CVE-2015-0247, CVE-2015-1572...