1415 matches found
CVE-2017-14964
In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300005c...
CVE-2017-14966
The IKARUS anti.virus ntguard.sys driver contains an Arbitrary Write vulnerability in all 2.x releases before 2.16.18, caused by failure to validate input values from IOCTL 0x830000c0. This allows a local attacker with access to trigger arbitrary writes, potentially compromising kernel memory. Af...
UBUNTU-CVE-2017-17509
In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5Gentdecodevec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact someone opens a crafted hdf5 file...
CVE-2017-8181
CVE-2017-8181 affects Huawei smartphones with MTK-based camera driver prior to Nice-AL00C00B155. The vulnerability stems from insufficient input verification in the MTK camera driver, enabling an attacker to trick a user into installing a malicious app with elevated privileges and send a specific...
UBUNTU-CVE-2017-2896
An exploitable out-of-bounds write vulnerability exists in the xlsmergedCells function of libxls 1.4. . A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability...
CVE-2017-14961
In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300000c...
Eaton ELCSoft LAD File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability
The Eaton ELCSoft programmable logic control software runs on a PC and can help configure the ELC controller. Eaton ELCSoft suffers from an out-of-bounds write remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current process...
sam2p file write vulnerability
sam2p is a UNIX command line utility program written in C++ that converts images to PDF and other formats. A file write vulnerability exists in sam2p version 0.49.3. An attacker can exploit this vulnerability to write to an illegal address...
ALPINE-CVE-2017-14164
A size-validation issue was discovered in opjj2kwritesot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service heap-based buffer overflow affecting opjwritebytesLE in lib/openjp2/cio.c or possibly remote code execution...
Foxit PhantomPDF < 8.3.2 Multiple Vulnerabilities
According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 8.3.2. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in the app.launchURL method allowing a context-dependent attacker to potentially...
Huawei Cell Phone Write Arbitrary Memory Vulnerability
Huawei P10 and P10 Plus are both smartphone products from Chinese company Huawei Huawei. A write-anywhere memory vulnerability exists in the Bootloader of the Huawei P10 and P10 Plus due to a lack of parameter checking. An attacker who has gained root access to the Android system can trick the us...
Debian cmdlineopts.clp write vulnerability
Debian is a free operating system created by the Debian Project Collaboration with Linux or FreeBSD as its kernel. grml-debootstrap is one of the packages used to install Debian systems. A security vulnerability exists in the cmdlineopts.clp file of grml-debootstrap in Debian. An attacker can...
CVE-2017-11459
SAP TREX 7.10 allows remote attackers to 1 read arbitrary files via an fget command or 2 write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Note 2419592...
Vlcms latest version has a file write vulnerability in the frontend
vlcms is a management system developed by Xigu software team based on OneThink framework to solve the promotion of handicraft. Vlcms latest version of the front-end file writing vulnerability, the vulnerability exists in the location of /Application/Callback/Controller/BaseController.class.php,...
CVE-2017-10994
Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrary Write vulnerability, which allows remote attackers to execute arbitrary code via a crafted document...
openSUSE Security Update : clamav (openSUSE-2017-779)
This update for clamav fixes the following security issue : - CVE-2012-6706: Fixed an arbitrary memory write in VMSFDELTA filter in libclamunrar bsc1045490 This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive tex...
Siemens OZW672 and OZW772 Data Read/Write Vulnerability
Siemens OZW672 and OZW772 are both building controller products from Siemens, Germany. A data read/write vulnerability exists in the Siemens OZW672 and OZW772. An attacker can exploit the vulnerability to read and write historical measurement data under certain conditions, or read and modify data...
CVE-2017-2298
The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a server-specified identifier as part of a path where a file is written. A compromised server could use this to write a file to an arbitrary location on the client with the filename appended with the string "pub.pem"...
CVE-2014-8149
The CVE-2014-8149 entry affects OpenDaylight Defense4All, specifically versions 1.1.0 and earlier. The vulnerability allows remote authenticated users to write report data to arbitrary files, indicating an improper access control/unauthorized file write flaw. The available sources confirm the imp...
ourphp ourphp_filebox.php write any file vulnerability in frontend
OURPHP is a PHP+MySQL based development of W3C standard building system. ourphp v1.7.3 ourphpfilebox.php exists a write arbitrary file vulnerability in the frontend, due to the program fails to effectively examine the data submitted by visitors. Attackers use the vulnerability by writing Trojan...