
291 matches found

CNVD
• added 2018/04/28 12:0 a.m. • 2 views

Foxit Reader OCG name Remote Code Execution Vulnerability

Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the handling of the OCG name attribute, which can be exploited to execute arbitrary code in the context of the current process due to a lack of validation before performing an operation ...

8.8 CVSS · 7.7 AI score · 0.00328 EPSS
Exploits 0 · References 1
CNVD
• added 2018/04/28 12:0 a.m. • 2 views

Foxit Reader XFA Button resolveNodes Remote Code Execution Vulnerability

Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the handling of the XFA Button resolveNodes element, which can be exploited to execute arbitrary code in the context of the current process, due to a lack of validation before performing...

8.8 CVSS · 7.7 AI score · 0.00367 EPSS
Exploits 0 · References 1
OSV
• added 2017/12/14 4:29 p.m. • 1 views

UBUNTU-CVE-2017-17514

DISPUTED boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the...

8.8 CVSS · 7.3 AI score · 0.0056 EPSS
Exploits 0 · References 4
Positive Technologies
• added 2017/03/07 12:0 a.m. • 3 views

PT-2017-17124 · Andrzuk · Finecms

Name of the Vulnerable Software and Affected Versions: andrzuk/FineCMS versions prior to 2017-03-06. Description: The issue is related to a reflected XSS in index.php due to missing validation of the action parameter in application/classes/application.php. Recommendations: For versions prior to...

6.1 CVSS · 5.9 AI score · 0.00328 EPSS
Exploits 1 · References 5
CNVD
• added 2016/04/25 12:0 a.m. • 2 views

Midea's i+ smart refrigerator has design logic flaws

The Midea i+ Smart Refrigerator is a smart home appliance developed by Midea Group. Midea's i+ Smart Refrigerator is susceptible to man-in-the-middle attacks due to the insecure protocol for transmitting data and the lack of validation of what is transmitted on the client and server side. The lac...

6.8 AI score
Exploits 0
RedHat Linux
• added 2015/11/19 4:3 a.m. • 3 views

ntp: vallen in extension fields are not validated

A stack-based buffer overflow was found in the way the NTP autokey protocol was implemented. When an NTP client decrypted a secret received from an NTP server, it could cause that client to crash...

7.2 AI score
Exploits 0 · References 5
RedHat Linux
• added 2015/06/09 7:48 p.m. • 1 views

abrt: does not validate contents of uploaded problem reports

It was discovered that, when moving problem reports between certain directories, abrt-handle-upload did not verify that the new problem directory had appropriate permissions and did not contain symbolic links. An attacker able to create a crafted problem report could use this flaw to expose other...

6.5 CVSS · 5.9 AI score · 0.00508 EPSS
Exploits 0 · References 4
RedHat Linux
• added 2013/02/07 6:53 p.m. • 2 views

xen: Xen domain builder Out-of-memory due to malicious kernel/ramdisk

The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk (1) before or (2) after decompression, which allows local guest administrators to cause a denial of service (domain 0 memory consumption) via a crafted (a) kernel or (b) ramdisk...

2.1 CVSS · 7.3 AI score · 0.0009 EPSS
Exploits 0 · References 4
Xen Project
• added 2011/03/14 11:0 a.m. • 3 views

Host crash due to failure to correctly validate PV kernel execution state

ISSUE DESCRIPTION: Cannot specify user mode execution without specifying user-mode pagetables. Failure to validate this allows a malicious or buggy 64 bit PV guest to crash the host. nb: predates vulnerability handling process and therefore no formal announcement...

5.5 CVSS · 7.2 AI score · 0.00105 EPSS
Exploits 0
RedHat Linux
• added 2009/09/02 8:0 a.m. • 2 views

kernel: ext4: make_indexed_dir() missing validation

The make_indexed_dir function in fs/ext4/namei.c in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 does not validate a certain rec_len field, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesystem...

4.9 CVSS · 6.1 AI score · 0.00267 EPSS
Exploits 0 · References 4
UbuntuCve
• added 2008/12/09 12:30 a.m. • 24 views

CVE-2008-5396

Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZT_SPANCONFIG...

7.2 CVSS · 5.9 AI score · 0.00043 EPSS
Exploits 1 · References 1