2218 matches found
Signal Messenger Android self deleting messages Information Disclosure Vulnerability
Summary Signal Messenger for Android 4.24.8 may expose private information when using “disappearing messages.” If a user uses the photo feature available in the “attach file” menu, then Signal will leave the picture in its own cache directory, which is available to any application on the system...
Netgate pfSense system_advanced_misc.php multiple remote command injection vulnerabilities
Summary Three exploitable command injection vulnerabilities exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send...
Atlantis Word Processor Huffman table code length remote code execution vulnerability
Summary An exploitable out-of-bounds write vulnerability exists in the PNG implementation of Atlantis Word Processor, version 3.2.7.2. This can allow an attacker to corrupt memory, which can result in code execution under the context of the application. An attacker must convince a victim to open ...
Atlantis Word Processor rich text format uninitialized TAutoList remote code execution vulnerability
Summary An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker must...
Atlantis Word Processor open document format unchecked NewAnsiString length remote code execution vulnerability
Summary An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This...
TP-Link TL-R600VPN HTTP server denial-of-service vulnerability
Summary An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. A specially crafted URL can cause the server to stop responding to requests, resulting in downtime for the management portal. An attacker can send either an...
TP-Link TL-R600VPN HTTP server information disclosure vulnerability
Summary An exploitable information disclosure vulnerability exists in the HTTP server functionality of the TP-Link TL-R600VPN. A specially crafted URL can cause a directory traversal, resulting in the disclosure of sensitive system files. An attacker can send either an unauthenticated or an...
TP-Link TL-R600VPN HTTP server ping address remote code execution vulnerability
Summary An exploitable remote code execution vulnerability exists in the ping and tracert functionality of the TP-Link TL-R600VPN http server. A specially crafted IP address can cause a stack overflow, resulting in remote code execution. An attacker can send a single authenticated HTTP request to...
TP-Link TL-R600VPN HTTP Server fs directory Remote Code Execution Vulnerability
Summary An exploitable remote code execution vulnerability exists in the HTTP header-parsing function of the TP-Link TL-R600VPN HTTP Server. A specially crafted HTTP request can cause a buffer overflow, resulting in remote code execution on the device. An attacker can send an authenticated HTTP...
Yi Technology Home Camera 27US p2p_tnp cleartext data transmission vulnerability
Summary An exploitable information disclosure vulnerability exists in the phone-to-camera communications of Yi Home Camera 27US 1.8.7.0D. An attacker can sniff network traffic to exploit this vulnerability. Tested Versions Yi Technology Home Camera 27US 1.8.7.0D Product URLs...
Yi Technology Home Camera 27US QR Code trans_info Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. An attacker can make the camera scan a QR code to trigger this vulnerability...
Yi Technology Home Camera 27US Firmware 7z CRC Collision Vulnerability
Summary An exploitable code execution vulnerability exists in the firmware update functionality of the Yi Home Camera 27US 1.8.7.0D. A specially crafted 7-Zip file can cause a CRC collision, resulting in a firmware update and code execution. An attacker can insert an SDcard to trigger this...
Yi Technology Home Camera 27US Firmware Downgrade Vulnerability
Summary An exploitable firmware downgrade vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw, resulting in a firmware downgrade. An attacker can insert an SD card to trigger this vulnerability. Tested Versions...
Yi Technology Home Camera 27US nonce reuse authentication bypass vulnerability
Summary An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a logic flaw, resulting in an authentication bypass. An attacker can sniff network traffic and send a set of packets to...
Yi Technology Home Camera 27US cloudAPI SSID Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the cloud OTA setup functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted SSID can cause a command injection, resulting in code execution. An attacker can cause a camera to connect to this SSID to trigger this vulnerabilit...
Yi Technology Home Camera 27US QR Code Base64 Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. An attacker can make the camera scan a QR code to trigger this vulnerability...
Yi Technology Home Camera 27US notice_to denial-of-service vulnerability
Summary An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a settings change, resulting in denial of service. An attacker can send a set of packets to trigger this vulnerability...
Yi Technology Home Camera 27US TimeSync Code Execution Vulnerability
Summary An exploitable firmware downgrade vulnerability exists in the time syncing functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted packet can cause a buffer overflow, resulting in code execution. An attacker can intercept and alter network traffic to trigger this vulnerability...
Yi Technology Home Camera 27US Firmware Update Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD card to trigger this vulnerability...
Yi Technology Home Camera 27US CRCDec denial-of-service vulnerability
Summary An exploitable code execution vulnerability exists in the UDP network functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can allocate unlimited memory, resulting in denial of service. An attacker can send a set of packets to trigger this vulnerability...
Simple DirectMedia Layer SDL2_Image do_layer_surface code execution vulnerability
Summary An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Tested...
MKVToolNix MKVINFO read_one_element code execution vulnerability
Summary A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV matroska file format. A specially crafted MKV file can cause arbitrary code execution in the context of the current user. Tested Versions MKVToolNix mkvinfo v25.0.0 ‘Prog Noir’ 64-bit Product URLs...
Sophos HitmanPro.Alert hmpalert 0x2222CC privilege escalation vulnerability
Summary An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can...
Sophos HitmanPro.Alert hmpalert 0x222000 kernel memory disclosure vulnerability
Summary An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP...
Live Networks LIVE555 streaming media RTSPServer lookForHeader code execution vulnerability
Summary An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...
Linksys ESeries multiple OS command injection vulnerabilities
Summary Multiple exploitable operating system command injections exist in the Linksys ESeries line of routers. Specially crafted entries to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send an...
Microsoft WindowsCodecs.dll SniffAndConvertToWideString information leak vulnerability
Summary An exploitable memory leak vulnerability exists in the SniffAndConvertToWideString function of WindowsCodecs.dll 10.0.17134.1. A specially crafted JPEG file can cause the library to return uninitialized memory, resulting in an information leak. An a victim would have to interact with a...
Intel Unified Shader Compiler for Intel Graphics Accelerator Remote Denial Of Service
Summary An exploitable denial-of-service vulnerability exists in the Intel’s Unified Shader Compiler for IntelR Graphics Accelerator 10.18.14.4889. A specially crafted pixel shader can cause denial-of-service issues. An attacker can provide a specially crafted shader file either in binary or text...
Intel Unified Shader Compiler for Intel Graphics Accelerator Pointer Corruption
Summary An exploitable pointer corruption vulnerability exists in the Intel’s Unified Shader Compiler for IntelR Graphics Accelerator 10.18.14.4889. A specially crafted pixel shader can cause a pointer corruption resulting in at least denial of service or, if exploited successfully, code executio...
Intel Unified Shader Compiler for Intel Graphics Accelerator Remote Denial Of Service
Summary An exploitable denial of service vulnerability exists in the Intel’s Unified Shader Compiler for IntelR Graphics Accelerator 10.18.14.4889. A specially crafted pixel shader can cause denial-of-service issues. An attacker can provide a specially crafted shader file either in binary or text...
Intuit Quicken Deluxe 2018 for Mac Password Protection Authentication Bypass Vulnerability
Summary An exploitable information disclosure vulnerability exists in the password protection functionality of Quicken Deluxe 2018 for Mac version 5.2.2. A specially crafted sqlite3 request can cause the removal of the password protection, allowing an attacker to access and modify the data withou...
VMware Workstation 14 Shader Functionality Assert Denial Of Service
Summary An exploitable denial-of-service vulnerability exists in VMware Workstation 14. A specially crafted pixel shader can cause denial-of-service issues. An attacker can provide a specially crafted shader file either in binary or text form to trigger this vulnerability. This vulnerability can ...
Google PDFium JBIG2 image ComposeToOpt2WithRect information disclosure vulnerability
Summary An exploitable out-of-bounds read on the heap vulnerability exists in the JBIG2 parsing code of Google Chrome version 67.0.3396.99. A specially crafted PDF document can trigger an out-of-bounds read, which can possibly lead to an information leak that could be used as part of an exploit. ...
Adobe Acrobat Reader DC collab review server remote code execution vulnerability
Summary Specific JavaScript code embedded in a PDF file can lead to a use-after-free condition when opening a PDF document in Adobe Acrobat Reader DC 2018.011.20040. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim wou...
Atlantis Word Processor Word document paragraph property (0xD608) sprmTDefTable uninitialized length code execution vulnerability
Summary An exploitable uninitialized length vulnerability exists within the Word document-parser of the Atlantis Word Processor. A specially crafted document can cause Atlantis to skip initializing a value representing the number of columns of a table. Later, the application will use this as a...
Atlantis Word Processor Windows Enhanced Metafile Code Execution Vulnerability
Summary An exploitable heap-based buffer overflow vulnerability exists in the Windows enhanced metafile parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted image embedded within a document can cause an undersized allocation, resulting in an overflow when the application tries ...
Foxit PDF Reader JavaScript JSON.Stringify this remote code execution vulnerability
Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick...
Foxit PDF Reader JavaScript Field object signatureInfo remote code execution vulnerability
Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick...
Atlantis Word Processor Office Open XML TTableRow double free code execution vulnerability
Summary An exploitable double-free vulnerability exists in the Office Open XML parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted document can cause a TTableRow instance to be referenced twice, resulting in a double-free vulnerability when both the references go out of scope...
Foxit PDF Reader JavaScript page change remote code execution vulnerability
Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to...
Foxit PDF Reader Javascript importDataObject Remote Code Execution Vulnerability
Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to...
Foxit PDF Reader JavaScript this.event.target Remote Code Execution Vulnerability
Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to...
Foxit PDF Reader JavaScript getNthFieldName remote code execution vulnerability
Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to...
Foxit PDF Reader Javascript Optional Content Group Remote Code Execution Vulnerability
Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to...
Foxit PDF Reader JavaScript field object signatureGetSeedValue remote code execution vulnerability
Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick...
Atlantis Word Processor document endnote reference code execution vulnerability
Summary An exploitable arbitrary write vulnerability exists in the Word document parser of the Atlantis word processor. A specially crafted document can prevent Atlas from adding elements to an array that is indexed by a loop. When reading from this array, the application will use an out-of-bound...
Atlantis Word Processor uninitialized TDocOleObject code execution vulnerability
Summary An exploitable uninitialized variable vulnerability exists in the RTF-parsing functionality of Atlantis Word Processor. A specially crafted RTF file can leverage an uninitialized stack address, resulting in an out-of-bounds write, which in turn could lead to code execution. Tested Version...
Atlantis Word Processor Office Open XML uninitialized TTableRow code execution vulnerability
Summary An exploitable uninitialized pointer vulnerability exists in the Office Open XML parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted document can cause an uninitialized pointer representing a TTableRow to be assigned to a variable on the stack. This variable is later...
Foxit PDF Reader JavaScript getPageNumWords remote code execution vulnerability
Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to...
Atlantis Word Processor JPEG length underflow code execution vulnerability
Summary An exploitable stack-based buffer overflow vulnerability exists in the JPEG parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted image embedded within a document can cause a length to be miscalculated and underflow. This length is then treated as unsigned and then used ...