451 matches found
DEBIAN-CVE-2019-1010180
GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet...
Fedora 29 : filezilla / libfilezilla (2019-6e77507660)
Bugfixes, and a security fix: Fixed vulnerabilities : Filenames containing double-quotation marks were not escaped correctly when selected for opening/editing. Depending on the associated program, parts of the filename could be interpreted as commands. Note that Tenable Network Security has...
June 18, 2019—KB4501371 (OS Build 17763.592)
None None...
The vulnerability of the sub-component “Job Opening” in the PeopleSoft Enterprise HCM Talent Acquisition Manager component of the Oracle PeopleSoft products allows a hacker to gain access to modify, add, or delete data.
The vulnerability of the Job Opening sub-component of the PeopleSoft Enterprise HCM Talent Acquisition Manager component of the Oracle PeopleSoft products is related to access control deficiencies. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify...
CVE-2019-2590
Vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Manager component of Oracle PeopleSoft Products subcomponent: Job Opening. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2019-2590
Vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Manager component of Oracle PeopleSoft Products subcomponent: Job Opening. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2019-0728
A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project, aka 'Visual Studio Code Remote Code Execution Vulnerability'...
PT-2019-18293 · Foxit · Foxit Phantompdf
Name of the Vulnerable Software and Affected Versions: Foxit PhantomPDF affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on vulnerable installations. It requires user interaction, such as visiting a malicious page or opening a...
Hootoo HT-05 - Remote Code Execution Exploit
require 'msf/core' require 'net/http' require "uri" class MetasploitModule 'Hootoo HT-05 remote shell exploit', 'Description' = %q This module tries to open a door in the device by exploiting the RemoteCodeExecution by creating a backdoor inside the device This exploit was written by Andrei Manol...
Microsoft Jet Database Engine Remote Code Execution Vulnerability (CNVD-2019-14461)
Microsoft Jet Database Engine is an underlying database engine. A remote code execution vulnerability exists in Microsoft Jet Database Engine, which arises from the failure of Jet Database Engine to properly handle objects in memory, and can be exploited to execute arbitrary code on a victim's...
Microsoft Excel Information Disclosure Vulnerability (CNVD-2019-02778)
Microsoft Excel is a spreadsheet processing software in the Office suite of Microsoft USA. An information disclosure vulnerability exists in Microsoft Excel. An attacker can exploit this vulnerability by tricking a user into opening a specially crafted document to obtain sensitive information...
CVE-2018-4040
An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker must convince a...
With The NASDAQ Bell Ceremony, We Kick Off The Next Leg of Imperva’s Incredible Journey
On Friday morning our CEO Chris Hylen and company execs rung the NASDAQ opening bell in New York, welcoming another day of trading for the world’s second-largest stock exchange; and taking full advantage of the opportunity to celebrate recent corporate milestones for Imperva. “I’m honored to be...
Mozilla: Crash with nested event loops
When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox 63, Firefox ESR 60.3, and Thunderbird 60.3...
Mozilla: Crash with nested event loops
When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox 63, Firefox ESR 60.3, and Thunderbird 60.3...
Mozilla Firefox and Firefox ESR Denial of Service Vulnerability (CNVD-2018-21822)
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the U.S. Firefox ESR is an extended support version of Firefox. A security vulnerability exists in Mozilla Firefox versions prior to 63 and Firefox ESR versions prior to 60.3. The vulnerability stems from imprope...
Mozilla: Crash with nested event loops
When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox 63, Firefox ESR 60.3, and Thunderbird 60.3...
CVE-2018-12392
When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox 63, Firefox ESR 60.3, and Thunderbird 60.3...
UBUNTU-CVE-2018-12392
When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox 63, Firefox ESR 60.3, and Thunderbird 60.3...
CVE-2018-3978
An exploitable out-of-bounds write vulnerability exists in the Word Document parser of the Atlantis Word Processor 3.0.2.3, 3.0.2.5. A specially crafted document can cause Atlantis to write a value outside the bounds of a heap allocation, resulting in a buffer overflow. An attacker must convince ...