Arbitrary Code Execution

imagemagick is vulnerable to arbitrary code execution. The vulnerability exists as a heap-based buffer overflow flaw was found in the way ImageMagick parsed XCF files. If a specially-crafted XCF image was opened, ImageMagick could be made to overwrite heap memory beyond the bounds of its allocate...

Oolong CVE-2017-8570 samples and behind the idea-vulnerability warning-the black bar safety net

The so-called CVE-2017-8570 sample Last week, 360 days eye lab found foreign hackers on Github released a CVE-2017-8570 exploits code, but then deleted, in order to find quite a few labeled as CVE-2017-8570 Office malware samples, such as the following VirusTotal is marked as CVE-2017-8570 sample...

NX: User-assisted execution of arbitrary code

Background NoMachine's NX establishes remote connections to X11 desktops over small bandwidth links. NX and NX Node are the compression core libraries, whereas NX is used by FreeNX and NX Node by the binary-only NX servers. Description Multiple integer overflow and buffer overflow vulnerabilities...

Debian DSA-1421-1 : wesnoth - directory traversal

A vulnerability has been discovered in Battle for Wesnoth that allows remote attackers to read arbitrary files the user running the client has access to on the machine running the game client. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...