Out-of-bounds Write
Overview: Affected versions of this package are vulnerable to Out-of-bounds Write. Heap-based buffer overflow in the zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via ...
CVE-2017-3387
Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with...
IBM dashDB Local Hardcoding Vulnerability
IBM dashDB Local is a next-generation data warehouse storage and analytics solution from IBM USA for use in private clouds, virtual private clouds, and other container-enabled infrastructures. The solution features flexible container delivery, hybrid environment to store data, Spark in-memory bas...
Unspecified Vulnerability in Oracle FLEXCUBE Universal Banking (CNVD-2017-00945)
Oracle FLEXCUBE Universal Banking is a comprehensive real-time, online solution from Oracle (United States) covering retail, group, and investment banking. The program supports multi-currency, multi-language and multi-entity operations. A remote security vulnerability exists ...
Unspecified Vulnerability in Oracle FLEXCUBE Universal Banking (CNVD-2017-00941)
Oracle FLEXCUBE Universal Banking is a comprehensive real-time, online solution from Oracle (United States) covering retail, group, and investment banking. The program supports multi-currency, multi-language and multi-entity operations. A remote security vulnerability exists ...
Irssi memory corruption vulnerability (CNVD-2017-00312)
Irssi is a free, open source IRC client for use in Linux and Unix operating systems. Memory corruption vulnerabilities exist in Irssi versions 0.8.17 - 0.8.20. An attacker could exploit these vulnerabilities to obtain sensitive information or cause a denial of service condition...
Unspecified Buffer Overflow Vulnerability in IBM General Parallel File System
IBM Spectrum Scale and IBM GPFS (General Parallel File System) are both products of IBM Corporation in the U.S. IBM GPFS is a set of enterprise file management systems optimized for petabyte-scale storage management. IBM Spectrum Scale is a set of IBM GPFS-based data and IBM Spectrum Scale is a data...
PT-2017-1224 · Google +4 · Android +4
Name of the Vulnerable Software and Affected Versions: Android versions Kernel-3.10 through Kernel-3.18. Description: An elevation of privilege issue in the kernel networking subsystem could allow a local malicious application to execute arbitrary code within the context of the kernel. This issue ...
Samba User Emulation Vulnerability
Samba is a set of free software developed by the Samba team that enables UNIX series operating systems to connect to the SMB/CIFS network protocol of Microsoft Windows operating systems. The program supports sharing printers, transferring data files to each other, and so on. A security...
Core Security Bypass Vulnerability in Joomla!
Joomla! is an open source content management system (CMS) developed by the Open Source Matters team in the United States. The system provides RSS feeds, site search and other features. Joomla! Core is the Joomla! kernel. A security bypass vulnerability exists in Joomla! Core versions 3.4.4 through 3.6.3...
Apache Tomcat Security Manager Security Restriction Bypass Vulnerability (CNVD-2016-10421)
Apache Tomcat is a popular open source JSP application server program. Apache Tomcat 7.0.0-7.0.70 suffers from a security restriction bypass vulnerability in its implementation. An attacker can exploit this vulnerability to bypass certain security restrictions and perform unauthorized operations...
PT-2022-21128 · Ovs +3 · Ovs +3
Name of the Vulnerable Software and Affected Versions: ovs versions v0.90.0 through v2.5.0. Description: The issue is related to a heap buffer over-read in flow.c, caused by an unsafe comparison in the minimasks function. This could lead to access to an unmapped region of memory, resulting in...
Cisco NX-OS Denial of Service Vulnerability (CNVD-2016-09438)
Cisco NX-OS is an operating system from Cisco (United States) that runs on Nexus 2000 and other series devices. A denial of service vulnerability exists in Cisco NX-OS versions 4.0 through 7.3 and 11.0 through 11.2, which can be exploited by a remote...
Cybozu Office Restriction Bypass Vulnerability
Cybozu Office is a Web-based, cross-platform collaboration solution from Cybozu. A security vulnerability exists in Cybozu Office versions 9.0.0 through 10.4.0. An attacker can exploit the vulnerability to modify project information...
Cybozu Office Reflected File Download Vulnerability
Cybozu Office is a Web-based, cross-platform collaboration solution from Cybozu. A security vulnerability exists in Cybozu Office versions 9.0.0 through 10.4.0. The vulnerability can be exploited by an attacker to download files by tricking users into visiting a malicious page...
UBUNTU-CVE-2016-3920
id3/ID3.cpp in libstagefright in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (device hang or reboot) via a crafted file, aka internal bug 30744884...
c-ares heap buffer overflow vulnerability
c-ares is a C library for asynchronous execution of DNS requests and name resolution. A heap buffer overflow vulnerability exists in the 'ares_create_query' function in versions c-ares 1.0.0 through 1.11.0. A remote attacker could exploit this vulnerability to cause a denial of service write across...
CVE-2016-6433
The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug ID CSCva30872...
IBM Spectrum Control and IBM Storage Insights Catalog Traversal Vulnerability
IBM Spectrum Control and IBM Storage Insights are both storage resource management software from IBM USA. A directory traversal vulnerability exists in IBM Spectrum Control versions 5.2.8 through 5.2.10.1 and IBM Storage Insights. An attacker can exploit this vulnerability by sending a URL reques...
Haxx libcurl Integer Overflow Vulnerability
Haxx libcurl is a free, open source client-side URL transport library from the Swedish company Haxx. The library supports FTP, FTPS, TFTP, HTTP and so on. An integer overflow vulnerability exists in Haxx libcurl versions 7.11.1 through 7.50.2. An attacker can exploit this vulnerability to execut...