6067 matches found
CVE-2017-17514
boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the BROWSER...
DEBIAN-CVE-2017-17518
swt/motif/browser.c in Whitedune aka whitedune 0.30.10 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: This issue is being disputed as not being ...
CVE-2017-17530
common/help.c in Geomview 1.9.5 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: this is disputed by a third party because no untrusted input can ...
CVE-2017-17518
swt/motif/browser.c in Whitedune aka whitedune 0.30.10 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: This issue is being disputed as not being ...
Foxit Reader Information Disclosure Vulnerability (CNVD-2018-00173)
Foxit Reader is China's Foxit Foxit Software Corporation, a PDF document reader. A security vulnerability exists in Foxit Reader version 8.3.1.21155, which is caused by the program failing to properly validate user-submitted data. The vulnerability can be exploited by a remote attacker to disclos...
CVE-2017-16680
Two potential audit log injections in SAP HANA extended application services 1.0, advanced model: 1 Certain HTTP/REST endpoints of controller service are missing user input validation which could allow unprivileged attackers to forge audit log lines. Hence the interpretation of audit log files...
PT-2017-14519 · Sap · Sap Hana Extended Application Services
Name of the Vulnerable Software and Affected Versions: SAP HANA extended application services version 1.0 Description: The issue involves two potential audit log injections in SAP HANA extended application services. Firstly, certain HTTP/REST endpoints of the controller service lack user input...
CVE-2017-17497
In Tidy 5.7.0, the prvTidyTidyMetaCharset function in clean.c allows attackers to cause a denial of service Segmentation Fault, because the currentNode variable in the "children of the head" processing feature is modified in the loop without validating the new value...
CVE-2017-17497
In Tidy 5.7.0, the prvTidyTidyMetaCharset function in clean.c allows attackers to cause a denial of service Segmentation Fault, because the currentNode variable in the "children of the head" processing feature is modified in the loop without validating the new value...
CVE-2017-8169
Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the smart phone,...
CVE-2017-8150
The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the lack of parameter validation. An attacker wi...
SUSE-SU-2017:3047-1 Security update for xorg-x11-server
This update for xorg-x11-server fixes several issues. These security issues were fixed: - CVE-2017-13721: Missing validation of shmseg resource id in Xext/XShm could lead to shared memory segments of other users beeing freed bnc1052984 - CVE-2017-13723: A local denial of service via unusual...
IBM Rational DOORS Next Generation Cross-Site Scripting Vulnerability (CNVD-2017-37834)
IBM Rational DOORS Next Generation DNG and Rational Requirements Composer RRC are both requirements management solutions from IBM USA. The solutions are primarily used to define, manage, and report on requirements throughout the project lifecycle. A cross-site scripting vulnerability exists in IB...
Cisco Spark Board Local Security Bypass Vulnerability
Cisco Spark Board is a dedicated tablet device for video conferencing from Cisco. A local security bypass vulnerability exists in the upgrade process in Cisco Spark Board, which arises from the program failing to adequately validate the upgrade package. A local attacker could exploit the...
Trusted Boot Arbitrary Code Execution Vulnerability
Trusted Boot tboot is an open source pre-kernel/vmm module that supports booting OS kernels/VMMs after measurement and determination utilizing Intel TXT technology. An arbitrary code execution vulnerability exists in Boot 1.9.6 and earlier versions, which stems from a program's failure to validat...
Design/Logic Flaw
The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks...
CVE-2017-1000163
The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks...
UBUNTU-CVE-2017-16845
hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access...
SUSE-SU-2017:3025-1 Security update for xorg-x11-server
This update for xorg-x11-server provides several fixes. These security issues were fixed: - CVE-2017-13723: Prevent local DoS via unusual characters in XkbAtomText and XkbStringText bsc1051150. - Improve the entropy when generating random data used in X.org server authorization cookies generation...
CVE-2017-14025
An Improper Input Validation issue was discovered in ABB FOX515T release 1.0. An improper input validation vulnerability has been identified, allowing a local attacker to provide a malicious parameter to the script that is not validated by the application, This could enable the attacker to retrie...