Lucene search
K

1415 matches found

OSV
OSV
added 2017/12/20 6:29 p.m.3 views

CVE-2017-14964

In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300005c...

7.8CVSS5.8AI score0.00414EPSS
Exploits1References1
CVE
CVE
added 2017/12/20 6:0 p.m.65 views

CVE-2017-14966

The IKARUS anti.virus ntguard.sys driver contains an Arbitrary Write vulnerability in all 2.x releases before 2.16.18, caused by failure to validate input values from IOCTL 0x830000c0. This allows a local attacker with access to trigger arbitrary writes, potentially compromising kernel memory. Af...

7.8CVSS7.6AI score0.00414EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2017/12/11 3:29 a.m.7 views

UBUNTU-CVE-2017-17509

In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5Gentdecodevec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact someone opens a crafted hdf5 file...

8.8CVSS7.3AI score0.01508EPSS
Exploits0References4
CVE
CVE
added 2017/11/22 7:0 p.m.52 views

CVE-2017-8181

CVE-2017-8181 affects Huawei smartphones with MTK-based camera driver prior to Nice-AL00C00B155. The vulnerability stems from insufficient input verification in the MTK camera driver, enabling an attacker to trick a user into installing a malicious app with elevated privileges and send a specific...

7.8CVSS7.5AI score0.0064EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2017/11/20 10:29 p.m.8 views

UBUNTU-CVE-2017-2896

An exploitable out-of-bounds write vulnerability exists in the xlsmergedCells function of libxls 1.4. . A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability...

8.8CVSS7.4AI score0.02052EPSS
Exploits1References3
Cvelist
Cvelist
added 2017/11/15 4:0 p.m.30 views

CVE-2017-14961

In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300000c...

7.6AI score0.01527EPSS
Exploits5References4
CNVD
CNVD
added 2017/09/27 12:0 a.m.5 views

Eaton ELCSoft LAD File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability

The Eaton ELCSoft programmable logic control software runs on a PC and can help configure the ELC controller. Eaton ELCSoft suffers from an out-of-bounds write remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current process...

8.7AI score
Exploits0References1
CNVD
CNVD
added 2017/09/25 12:0 a.m.19 views

sam2p file write vulnerability

sam2p is a UNIX command line utility program written in C++ that converts images to PDF and other formats. A file write vulnerability exists in sam2p version 0.49.3. An attacker can exploit this vulnerability to write to an illegal address...

9.8CVSS7.1AI score0.01694EPSS
Exploits1References1
OSV
OSV
added 2017/09/06 6:29 p.m.3 views

ALPINE-CVE-2017-14164

A size-validation issue was discovered in opjj2kwritesot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service heap-based buffer overflow affecting opjwritebytesLE in lib/openjp2/cio.c or possibly remote code execution...

8.8CVSS8.6AI score0.05437EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2017/08/31 12:0 a.m.57 views

Foxit PhantomPDF < 8.3.2 Multiple Vulnerabilities

According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 8.3.2. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in the app.launchURL method allowing a context-dependent attacker to potentially...

8.8CVSS8.6AI score0.07152EPSS
Exploits2References5
CNVD
CNVD
added 2017/08/17 12:0 a.m.5 views

Huawei Cell Phone Write Arbitrary Memory Vulnerability

Huawei P10 and P10 Plus are both smartphone products from Chinese company Huawei Huawei. A write-anywhere memory vulnerability exists in the Bootloader of the Huawei P10 and P10 Plus due to a lack of parameter checking. An attacker who has gained root access to the Android system can trick the us...

9.3CVSS8.1AI score0.00958EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/08 12:0 a.m.11 views

Debian cmdlineopts.clp write vulnerability

Debian is a free operating system created by the Debian Project Collaboration with Linux or FreeBSD as its kernel. grml-debootstrap is one of the packages used to install Debian systems. A security vulnerability exists in the cmdlineopts.clp file of grml-debootstrap in Debian. An attacker can...

7.5CVSS7.4AI score0.01723EPSS
Exploits0References1
OSV
OSV
added 2017/07/25 6:29 p.m.4 views

CVE-2017-11459

SAP TREX 7.10 allows remote attackers to 1 read arbitrary files via an fget command or 2 write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Note 2419592...

9.8CVSS6.1AI score0.02354EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/13 12:0 a.m.4 views

Vlcms latest version has a file write vulnerability in the frontend

vlcms is a management system developed by Xigu software team based on OneThink framework to solve the promotion of handicraft. Vlcms latest version of the front-end file writing vulnerability, the vulnerability exists in the location of /Application/Callback/Controller/BaseController.class.php,...

7AI score
Exploits0
OSV
OSV
added 2017/07/07 4:29 p.m.2 views

CVE-2017-10994

Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrary Write vulnerability, which allows remote attackers to execute arbitrary code via a crafted document...

7.3CVSS6.1AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/07/07 12:0 a.m.32 views

openSUSE Security Update : clamav (openSUSE-2017-779)

This update for clamav fixes the following security issue : - CVE-2012-6706: Fixed an arbitrary memory write in VMSFDELTA filter in libclamunrar bsc1045490 This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive tex...

10CVSS8.3AI score0.10027EPSS
Exploits4References2
CNVD
CNVD
added 2017/07/05 12:0 a.m.8 views

Siemens OZW672 and OZW772 Data Read/Write Vulnerability

Siemens OZW672 and OZW772 are both building controller products from Siemens, Germany. A data read/write vulnerability exists in the Siemens OZW672 and OZW772. An attacker can exploit the vulnerability to read and write historical measurement data under certain conditions, or read and modify data...

6.5CVSS6.8AI score0.00761EPSS
Exploits0References1
OSV
OSV
added 2017/06/30 8:29 p.m.22 views

CVE-2017-2298

The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a server-specified identifier as part of a path where a file is written. A compromised server could use this to write a file to an arbitrary location on the client with the filename appended with the string "pub.pem"...

6.5CVSS7AI score0.01494EPSS
Exploits0References3
CVE
CVE
added 2017/06/27 8:0 p.m.56 views

CVE-2014-8149

The CVE-2014-8149 entry affects OpenDaylight Defense4All, specifically versions 1.1.0 and earlier. The vulnerability allows remote authenticated users to write report data to arbitrary files, indicating an improper access control/unauthorized file write flaw. The available sources confirm the imp...

8.8CVSS8.3AI score0.01832EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2017/06/26 12:0 a.m.4 views

ourphp ourphp_filebox.php write any file vulnerability in frontend

OURPHP is a PHP+MySQL based development of W3C standard building system. ourphp v1.7.3 ourphpfilebox.php exists a write arbitrary file vulnerability in the frontend, due to the program fails to effectively examine the data submitted by visitors. Attackers use the vulnerability by writing Trojan...

7.1AI score
Exploits0
Rows per page
Query Builder