Type confusion

Structured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in chunks. A bounds check which was supposed to test for chunk offsets smaller than the beginning of the request did not work because of signed/unsigned confusion. If one of these chunks contains a...

CVE-2019-6189

A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL...

CVE-2019-6189

A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL...

Design/Logic Flaw

A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL...

CVE-2019-6189

A potential vulnerability was reported in Lenovo System Interface Foundation versions before v1.1.18.3 that could allow an administrative user to load an unsigned DLL...

Lenovo System Interface Foundation Unsigned DLL Loading Vulnerability

The Lenovo System Interface Foundation is a collection of system services, drivers and plug-ins that support Lenovo Vantage applications. An unsigned DLL loading vulnerability exists in Lenovo System Interface Foundation versions prior to 1.1.18.3. An attacker can exploit this vulnerability to lo...

Comodo Internet Security DLL Preload Vulnerability

Comodo Internet Security CIS is an Internet security suite that includes an antivirus program, personal firewall, sandbox, and host-based intrusion prevention system HIPS. A DLL preloading vulnerability in signmgr.dll 6.5.0.819 in Comodo Internet Security 12.0 and earlier can be exploited to bypa...

CVE-2019-18215

An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. A DLL Preloading vulnerability allows an attacker to implant an unsigned DLL named iLog.dll in a partially unprotected product directory. This DLL is then loaded into a high-privileged service before the...

CVE-2019-18215

An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. A DLL Preloading vulnerability allows an attacker to implant an unsigned DLL named iLog.dll in a partially unprotected product directory. This DLL is then loaded into a high-privileged service before the...

Design/Logic Flaw

An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. A DLL Preloading vulnerability allows an attacker to implant an unsigned DLL named iLog.dll in a partially unprotected product directory. This DLL is then loaded into a high-privileged service before the...

Symantec Endpoint Protection Code Execution Vulnerability

Symantec Endpoint Protection is a suite of antivirus software from Symantec USA. The software provides security across physical and virtual systems. A security vulnerability exists in Symantec Endpoint Protection SEP versions prior to 14.2 RU2. An attacker could exploit the vulnerability to execu...

CVE-2019-12758

Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature...

CVE-2019-12758

Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature...

Remote code execution

Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature...

CVE-2019-12758

CVE-2019-12758 affects Symantec Endpoint Protection (SEP)/SEP Manager prior to 14.2 RU2. The issue is an unsigned code execution vulnerability; a local attacker may execute code without a resident digital signature, in the context of the affected application. Documents from Red Hat and Symantec i...

CVE-2019-12758

Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature...

CVE-2019-5701

NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains a vulnerability when GameStream is enabled in which an attacker with local system access can load the Intel graphics driver DLLs without validating the path or signature also known as a binary planting or DLL preloading attack,...

DEBIAN-CVE-2019-18835

Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /sendjoin, /sendleave, and /invite may not be correctly signed, or may not come from the expected servers...

gd: Unsigned integer underflow _gdContributionsAlloc()

Integer underflow in the gdContributionsAlloc function in gdinterpolation.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable...

CVE-2010-2783

IcedTea6 before 1.7.4 allow unsigned apps to read and write arbitrary files, related to Extended JNLP Services...