CVE-2018-10493

CVE-2018-10493 affects Foxit Reader 9.0.1.1049. The vulnerability is an information disclosure arising from improper validation of user-supplied data in the U3D Final Maximum Resolution attribute, causing a read past the end of an allocated object. Exploitation requires user interaction (maliciou...

Trend Micro Maximum Security Multiple Vulnerabilities (May 2018) - Windows

Trend Micro Maximum Security is prone to multiple vulnerabilities. This VT has been deprecated and split into multiple VTs based on vendor advisories: - Trend Micro Maximum Security 12.0 Build 1226 Multiple Vulnerabilities tmka-20066 OID: 1.3.6.1.4.1.25623.1.0.118643 - Trend Micro Maximum Securit...

Trend Micro Maximum Security Detection (Windows SMB Login)

Detection of installed version of Trend Micro Maximum Security on Windows. This VT has been deprecated and replaced by the VT SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Trend Micro Maximum Security tmusa Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

Unbreakable Enterprise kernel security update

4.1.12-124.14.2 - scsi: iscsitcp: set BDICAPSTABLEWRITES when data digest enabled Jianchao Wang Orabug: 27726302 - block: fix biowillgap for first bvec with offset Ming Lei Orabug: 27775588 - block: relax check on sg gap Ming Lei Orabug: 27775588 - block: don't optimize for non-cloned bio in...

Microsoft Windows: Maximum password age

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winpasswdmaxage.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Maximum password age WMI Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

Trend Micro Maximum Security tmnciesc Out-of-Bounds Read Information Disclosure Vulnerability

Trend Micro Maximum Security is multi-device virus, malware protection software. Trend Micro Maximum Security suffers from an information disclosure vulnerability that originates from a lack of proper user data validation in the tmnciesc.sys driver processing IOCTL 0x222814, which could allow an...

Trend Micro Maximum Security tmnciesc Buffer Overflow Elevation of Privilege Vulnerability

Trend Micro Maximum Security is multi-device virus, malware protection software. An elevation of privilege vulnerability exists in Trend Micro Maximum Security that could allow an attacker to execute low-privilege code on the target system...

Trend Micro Maximum Security tmnciesc buffer overflow elevation of privilege vulnerability (CNVD-2018-09710)

Trend Micro Maximum Security is multi-device virus, malware protection software. An elevation of privilege vulnerability exists in Trend Micro Maximum Security that stems from a lack of proper user data validation in the tmnciesc.sys driver processing IOCTL 0x222060, which could allow an attacker...

CVE-2018-5507

On F5 BIG-IP versions 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5, vCMP guests running on VIPRION 2100, 4200 and 4300 series blades cannot correctly decrypt ciphertext from established SSL sessions with small MTU...

Trend Micro Maximum Security tmnciesc Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers disclose sensitive information on vulnerable installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists with...

Trend Micro Maximum Security tmnciesc Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

Trend Micro Maximum Security tmnciesc Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

Chrome V8 - 'PropertyArray' Integer Overflow

/ Here's a snippet of the MigrateFastToFast function which is used to create a new PropertyArray object. int numberoffields = newmap-NumberOfFields; int inobject = newmap-GetInObjectProperties; int unused = newmap-UnusedPropertyFields; ... int totalsize = numberoffields + unused; int external =...

Trend Micro Maximum Security Regex Matching Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Maximum Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the...

UBUNTU-CVE-2016-10714

In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATHMAX characters...

DEBIAN-CVE-2018-6551

The malloc implementation in the GNU C Library aka glibc or libc6, from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZEMAX and could return a pointer to a heap region that is smaller than requested, eventually...

CVE-2017-17815

In Netwide Assembler NASM 2.14rc0, there is an illegal address access in ismmacro in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum and maximum parameter counts...

Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path

Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1418 Windows Defender: Controlled Folder Bypass through UNC Path Platform: Windows 10 1709 + Antimalware client version 4.12.16299.15 Class: Security Feature...

CVE-2017-17432

OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service system crash or application crash via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value...