1411 matches found
Design/Logic Flaw
NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to improper usage of the listforeach kernel macro which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android...
Out-of-bounds
NVIDIA mediaserver contains a vulnerability where it is possible a use after free malfunction can occur due to an incorrect bounds check which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A. Androi...
CVE-2017-6262
NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to a race condition which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A. Android ID:...
CVE-2017-6263
NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to improper usage of the listforeach kernel macro which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android...
CVE-2017-6276
NVIDIA mediaserver contains a vulnerability where it is possible a use after free malfunction can occur due to an incorrect bounds check which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A. Androi...
CVE-2017-6262
NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to a race condition which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A. Android ID:...
CVE-2017-6263
NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to improper usage of the listforeach kernel macro which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android...
CVE-2017-6276
NVIDIA mediaserver contains a vulnerability where it is possible a use after free malfunction can occur due to an incorrect bounds check which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A. Androi...
CVE-2017-6263
NVIDIA driver on Android contains a use-after-free vulnerability caused by improper use of the list_for_each kernel macro, potentially enabling local code execution and privilege escalation. Severity is high; exploitation is local and requires no user interaction per the provided data. The issue ...
CVE-2016-5713
Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol PXP agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0...
CVE-2016-5713
Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol PXP agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0...
Multiple vulnerabilities in the Intel Server Platform Services (SPS) subsystem of the Platform Controller Hub microprogramming system, which allow unauthorized code to be executed
The multiple vulnerabilities of the Intel Server Platform Services SPS subsystem, which are part of the Platform Controller Hub PCH microcontroller-based software family and serve as south bridges, are caused by buffer overflows. Exploitation of these vulnerabilities could allow an attacker to...
Circle with Disney check_torlist.sh Update Code Execution Vulnerability(CVE-2017-2881)
Summary An exploitable vulnerability exists in the torlist update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause the product to run an attacker-supplied shell script. An attacker can intercept and alter network traffic to trigger this...
Cross site request forgery (csrf)
A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The application does not sufficiently verify requests, making it susceptible to cross-site request forgery. This may allow an attacker to execute unauthorized code, resulting in changes to the...
CVE-2017-14011
A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The application does not sufficiently verify requests, making it susceptible to cross-site request forgery. This may allow an attacker to execute unauthorized code, resulting in changes to the...
CVE-2017-14011
A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The application does not sufficiently verify requests, making it susceptible to cross-site request forgery. This may allow an attacker to execute unauthorized code, resulting in changes to the...
SUSE-SU-2017:2466-1 Security update for xen
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-14316: Missing bound check in function allocheappages for an internal array allowed attackers using crafted hypercalls to execute arbitrary code within Xen XSA-231, bsc1056278 - CVE-2017-14318: The function...
CVE-2017-3133
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN...
CVE-2017-7734
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 allows attackers to execute unauthorized code or commands via 'Comments' while saving Config Revisions...
Cross site scripting
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 allows attackers to execute unauthorized code or commands via 'Comments' while saving Config Revisions...