3056 matches found
Design/Logic Flaw
IrfanView version 4.44 32bit with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at FPX!GetPlugInInfo+0x0000000000012bf2."...
Code injection
XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .bie file, related to a "Read Access Violation on Block Data Move starting at Xjbig+0x000000000000121b."...
CVE-2017-9926
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to a "Read Access Violation starting at image0000000000400000+0x000000000001b596."...
Design/Logic Flaw
IrfanView version 4.44 32bit with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at FPX!FPXGetScanDevicePropertyGroup+0x000000000000c99a."...
Design/Logic Flaw
IrfanView version 4.44 32bit with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Block Data Move starting at FPX!FPXGetScanDevicePropertyGroup+0x000000000000b84f."...
UBUNTU-CVE-2017-9927
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to a "Read Access Violation starting at image0000000000400000+0x000000000001b5fe."...
UBUNTU-CVE-2017-9926
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to a "Read Access Violation starting at image0000000000400000+0x000000000001b596."...
CVE-2017-9926
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to a "Read Access Violation starting at image0000000000400000+0x000000000001b596."...
CVE-2017-9926
Removed by vendor...
CVE-2017-9833
CVE-2017-9833 affects BOA Web Server 0.94.14rc21, enabling arbitrary file read via path traversal through the FILECAMERA parameter in /cgi-bin/wapopen. Exploitation reads files with root privileges without credentials. Affected component: BOA Web Server; root cause: improper handling of FILECAMER...
Siemens XHQ Elevation of Privilege Vulnerability
XHQ Production Operations Intelligence is Siemens Energy's flagship solution, widely deployed by the world's largest oil & gas and chemical companies. An elevation of privilege vulnerability exists in Siemens XHQ 4 and XHQ 5. It allows an authenticated remote user with low privileges to gain read...
CVE-2016-10395
In FlexNet Publisher versions before Luton SP1 11.14.1.1 running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and subsequently execute...
U.S. Dept Of Defense: Exposed FTP Credentials on ███████
Summary: An exposed configuration file leaks FTP credentials to a DoD server. Description: The config file hosted onftp://█████████/pub/misc/FTP███████Sign.exe.config exposes a username █████████ and associated password ███████. These are valid credentials for the FTP server operating on...
CVE-2017-3548
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Integration Broker. Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2017-3552
Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications subcomponent: OPERA Room Image/Picture Setup. Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Easily "exploitable" vulnerability allows...
CVE-2017-3490
Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications subcomponent: Limits and Collateral. Supported versions that are affected are 12.0.0 and 12.1.0. Difficult to exploit vulnerability allows low privileged attacker...
CVE-2017-3498
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris...
CVE-2017-3474
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Zone. The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successf...
CVE-2017-3473
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications subcomponent: Miscellaneous. Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0.1 and 12.0.1. Easily "exploitable" vulnerability allows low privileged attacker with network access vi...
CVE-2016-5551
Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite subcomponent: NAS device addition. The supported version that is affected is 4.3. Easily "exploitable" vulnerability allows unauthenticated attacker with logon to the infrastructure where Solaris Cluster executes ...