Apache CouchDB contains an Authentication Bypass vulnerability and a OS Command Injection vulnerability, which allows attackers to gain arbitrary code execution on the affected system.
A Buffer Overflow exists in Zip-n-Go 4.9 when parsing .ZIP files. The vulnerability is caused due to a boundary error when handling a crafted .ZIP files.
Delta Industrial COMMGR is prone to a buffer overflow when handling spacially crafted packets.
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system.
Eternalromance targets were added to this module (Win 2000 to Win 2016)
The specific flaw exists within the processing of DVP files. The process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. This update adds CVE number and corrects some xml tags.
A Buffer Overflow exists when parsing .XML files by Command Import. The vulnerability is caused due to a boundary error when handling a crafted .XML files.
The specific flaw exists within the implementation of the 0x13C80 IOCTL in the BwOpcTool subsystem in VdBroadWinGetLocalDataLogEx. When parsing the NamedObject structure, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length buffer.
PhpCollab is vulnerable to an unauthenticated php remote file inclusion, allowing attackers to execute arbitrary php code in the system.
The specific flaw exists within implementation of the 0x138bd IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer.