CVE-2017-7340

A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the applicationSearch parameter in the FortiView functionality...

Cross site scripting

A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the applicationSearch parameter in the FortiView functionality...

CVE-2017-7342

CVE-2017-7342 relates to Fortinet FortiPortal. Affected product: FortiPortal versions 4.0.0 and earlier. Root cause: a weak password recovery process that can allow an attacker to execute unauthorized code or commands via a hidden Close button. Impact: as per NVD, high/severe potential with remot...

CVE-2017-7340

A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the applicationSearch parameter in the FortiView functionality...

CVE-2017-7340

A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the applicationSearch parameter in the FortiView functionality...

CVE-2017-7340

CVE-2017-7340 affects Fortinet FortiPortal 4.0.0 and earlier. A Cross-Site Scripting flaw allows an attacker to execute unauthorized code/commands via the FortiView applicationSearch parameter. The vulnerability is tied to FortiPortal’s FortiView functionality; no exploitation details or patch/ve...

HPSBHF03611 rev. 2 - NVIDIA GPU Display Driver Vulnerabilities

Potential Security Impact Denial of service, Escalation of privilege, Unauthorized code execution, or Information disclosure Source: HP, HP Product Security Response Team PSRT Reported By: NVIDIA VULNERABILITY SUMMARY HP has been notified of potential security vulnerabilities with the GPU Display...

CVE-2018-12191

Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or IntelR Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or IntelR TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrar...

Format string

A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable...

CVE-2018-1352

A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable...

CVE-2018-1352

A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable...

CVE-2018-1352

CVE-2018-1352 : Fortinet FortiOS 5.6.0 is affected by a format-string vulnerability in the SSH username handling that can enable remote code execution or commands, potentially causing memory corruption. The vulnerability is tied to the SSH username variable and is described in Fortinet’s FG-IR-18...

Design/Logic Flaw

In some Lenovo ThinkPads, an unquoted search path vulnerability was found in various versions of the Synaptics Pointing Device driver which could allow unauthorized code execution as a low privilege user...

CVE-2018-16098

In some Lenovo ThinkPads, an unquoted search path vulnerability was found in various versions of the Synaptics Pointing Device driver which could allow unauthorized code execution as a low privilege user...

CVE-2018-16098

In some Lenovo ThinkPads, an unquoted search path vulnerability was found in various versions of the Synaptics Pointing Device driver which could allow unauthorized code execution as a low privilege user...

CVE-2018-16098

In Lenovo ThinkPad laptops, an unquoted search path vulnerability in certain Synaptics Pointing Device driver versions could allow unauthorized code execution as a low-privilege user. The issue is caused by an unquoted path in the driver, with local attack vector and no user interaction required ...

CVE-2018-19036

An issue was discovered in several Bosch IP cameras for firmware versions 6.32 and higher. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface...

VLC Media Player CAF Demuxer Integer Underflow Vulnerability - Mac OS X

VLC media player is prone to an integer underflow vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2018-6707

Denial of Service through Resource Depletion vulnerability in the agent in non-Windows McAfee Agent MA 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to cause DoS, unexpected behavior, or potentially unauthorized code execution via knowledge of the internal trust mechanism...

Design/Logic Flaw

Denial of Service through Resource Depletion vulnerability in the agent in non-Windows McAfee Agent MA 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to cause DoS, unexpected behavior, or potentially unauthorized code execution via knowledge of the internal trust mechanism...