866 matches found
Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3038)
A memory corruption vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to improper parsing of True Type font TTF format stream data resulting in out of bounds memory access. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted...
Linux kernel security bypass vulnerability (CNVD-2017-01860)
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the time subsystem of Linux kernel 4.9.9 and earlier versions. A local attacker can exploit this vulnerability by reading the /proc/timerlis...
Acronis True Image: Backup App - Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application Acronis True Image: Backup App published at the 'play' market has multiple vulnerabilities...
CVE-2016-7083
VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service host OS memory corruption via TrueType fonts embedd...
True Free Balance - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application True Free Balance published at the 'play' market has multiple vulnerabilities...
gd: Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
An integer overflow flaw, leading to a heap-based buffer overflow was found in the gdImagePaletteToTrueColor function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application usin...
DLA-706-1 python-django - security update
Bulletin has no description...
Updated python-django packages fix security vulnerabilities
User with hardcoded password created when running tests on Oracle When running tests with an Oracle database, Django creates a temporary database user. In older versions, if a password isn't manually specified in the database settings TEST dictionary, a hardcoded password is used. This could allo...
Linux Kernel 2.6.22 3.9 (x86x64) - Dirty COW procselfmem Race Condition Privilege Escalation (SUID Method)
Linux Kernel 2.6.22 3.9 x86x64 - Dirty COW procselfmem Race Condition Privilege Escalation SUID Method / EDB-Note: After getting a shell, doing "echo 0 /proc/sys/vm/dirtywritebackcentisecs" may make the system more stable. uncomment correct payload first x86 or x64! $ gcc cowroot.c -o cowroot...
CVE-2016-7182
The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010...
CVE-2016-7182
The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010...
CVE-2016-3209
Graphics Device Interface aka GDI or GDI+ in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync...
Privilege escalation
The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010...
CVE-2016-7182
CVE-2016-7182 is a true‑type font parsing elevation of privilege vulnerability in the Windows Graphics component. The flaw affects multiple Windows OS versions (Vista SP2, Server 2008 SP2/R2 SP1, Windows 7/8.1/10, Windows Server 2012 R2, Windows RT 8.1, Office 2007/2010, Word Viewer, Skype for Bu...
CVE-2016-3209
Graphics Device Interface aka GDI or GDI+ in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync...
CVE-2016-7182
The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010...
Microsoft Office Multiple Remote Code Execution Vulnerabilities (3192884)
This host is missing a critical security update according to Microsoft Bulletin MS16-120. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Silverlight Information Disclosure Vulnerability (3192884) - Mac OS X
This host is missing a critical security update according to Microsoft Bulletin MS16-120. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Microsoft Office Word Viewer Remote Code Execution Vulnerabilities (3192884)
This host is missing a critical security update according to Microsoft Bulletin MS16-120. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Silverlight Information Disclosure Vulnerability (3192884)
This host is missing a critical security update according to Microsoft Bulletin MS16-120. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...