67 matches found
Remote Code Execution (RCE)
ncurses is vulnerable to denial of service. Due to a flaw, there is a format string vulnerability in the fmtentry function. A crafted input will lead to a remote arbitrary code execution attack...
The vulnerability of the WebKit rendering module in OpenSUSE Leap operating systems, Mac OS X, iOS, tvOS, Safari browser, multimedia player iTunes, and iCloud service lies in the use of memory after it is freed. This allows an attacker to execute arbitrary code.
The vulnerability of the WebKit rendering module in operating systems such as Mac OS X, iOS, tvOS, Safari browser, multimedia player iTunes, and iCloud service is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code memor...
Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2018-1166)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Node.js third-party modules: Lack of input validation and sanitization in react-autolinker-wrapper library causes XSS
NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to triage and respond quickly, so be sure to take your time filling out the report! I would like to report XSS in...
devolo dLAN 550 duo+ Starter Kit Remote Code Execution
Summary Devolo dLAN® 550 duo+ Starter Kit is Powerlineadapter which is a cost-effective and helpful networking alternative for any location without structured network wiring. Especially in buildings or residences lacking network cables or where updating the wiring would be expensive and...
CVE-2018-18589
CVE-2018-18589 concerns Micro Focus Real User Monitoring software with vulnerable versions: 9.26IP, 9.30, 9.40 and 9.50. Connected CVE data notes a Java deserialization vulnerability as the root cause, enabling potential remote arbitrary code execution. The CVE entry indicates the impact is remot...
EulerOS Virtualization 2.5.0 : ncurses (EulerOS-SA-2018-1252)
According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In ncurses 6.0, there is a stack-based buffer overflow in the fmtentry function. A crafted input will lead to a remote arbitrary...
MacOS Malware Targets Cryptocurrency Community on Slack, Discord
Hackers using MacOS malware are targeting cryptocurrency investors that use both the Slack and Discord chat platforms. The malware, dubbed OSX.Dummy, uses an unsophisticated infection method, but those who are successfully attacked open their systems up to remote arbitrary code execution. “If the...
EulerOS 2.0 SP3 : ncurses (EulerOS-SA-2018-1166)
According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In ncurses 6.0, there is a stack-based buffer overflow in the fmtentry function. A crafted input will lead to a remote arbitrary code execution...
CVE-2017-5807
A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found...
Remote code execution
A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found...
Remote code execution
A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found...
CVE-2017-5793
A Remote Arbitrary Code Execution vulnerability in HPE Intelligent Management Center IMC PLAT version 7.2 E0403P06 was found...
CVE-2017-10684
In ncurses 6.0, there is a stack-based buffer overflow in the fmtentry function. A crafted input will lead to a remote arbitrary code execution attack...
HPE Synergy Planning Tool Remote Arbitrary Code Execution Vulnerability
HPE Synergy Planning Tool is prone to remote arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
HPE CISSS Remote Arbitrary Code Execution Vulnerability
HPE Converged Infrastructure Solution Sizer Suite CISSS is prone to a remote arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code
The vulnerability of the Flash Player software is related to errors in data type mixing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
Mandriva Linux Security Advisory : squashfs-tools (MDVSA-2013:128)
Updated squashfs-tools packages fix security vulnerabilities : remote arbitrary code execution via crafted list file CVE-2012-4024. integer overflow in queueinit may lead to arbitrary code execution CVE-2012-4025. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packa...
SuSE 10 Security Update : gaim (ZYPP Patch Number 6461)
This update of gaim fixes a remote arbitrary code execution vulnerability in MSN SLP packet processing code. CORE-2009-0727 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
SuSE 10 Security Update : pidgin (ZYPP Patch Number 6463)
This update of pidgin fixes a remote arbitrary code execution vulnerability in MSN SLP packet processing code. CORE-2009-0727 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...