The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a...
The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a...
In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that’s too small. A malicious DNS server can exploit this via a response with a specially...
Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to...
Biscom Secure File Transfer versions 5.0.0.0 trough 5.1.1024 are vulnerable to post-authentication persistent cross-site scripting (XSS) in the "Name" and "Description" fields of a Workspace, as well as the "Description" field of a File...
IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading...
In index.php in Zen Cart 1.6.0, the products_id parameter can cause XSS. Date published : 2017-06-28 https://github.com/zencart/zencart/issues/1443 https://github.com/zhonghaozhao/zencart/issues/1
Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to...
ASA 5515-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.4.x before 9.4.1 Interim, 9.2.x before 9.2.4 Interim, ASA 5510 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 8.4.x before 8.4.7 Interim, 8.2.x before...
OpenDaylight defense4all 1.1.0 and earlier allows remote authenticated users to write report data to arbitrary files. Date published : 2017-06-27 http://www.securityfocus.com/bid/72280 https://git.opendaylight.org/gerrit/#/c/13972/
Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 allows remote attackers to execute arbitrary code. Date published : 2017-06-27 http://www.zerodayinitiative.com/advisories/ZDI-15-032 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051
stalin 0.11-5 allows local users to write to arbitrary files. Date published : 2017-06-27 http://www.securityfocus.com/bid/79713/references https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808730
Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). Date published : 2017-06-27 http://www.securityfocus.com/bid/77430 https://bugs.chromium.org/p/project-zero/issues/detail?id=500&redir=1
Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). Date published : 2017-06-27 http://www.securityfocus.com/bid/77429 https://bugs.chromium.org/p/project-zero/issues/detail?id=497&redir=1