A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory.
An issue was discovered in MalwareFox AntiMalware. Improper access control in zam32.sys and zam64.sys allows a non-privileged process to register itself with the driver by sending IOCTL 0x80002010 and then using IOCTL 0x8000204C to \\.\ZemanaAntiMalware to elevate privileges.
A Buffer Overflow exist in ASX to MP3 when parsing .ASX files. The vulnerability is caused due to a boundary error when handling a crafted .ASX files.
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Kingsoft Internet Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaws exists within the processing of IOCTL 0x80030004 or 0x80030008 by the KWatch3.sys (internet security) kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in a kernel stack buffer overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.
A Buffer Overflow exists in Sync Breeze Enterprise 10.4.18 when parsing .XML files by Command Import. The vulnerability is caused due to a boundary error when handling a crafted .XML files.
Unauthenticated remote attackers that can connect to the "CloudMe Sync" client application listening on port 8888, can send a malicious payload causing
a Buffer Overflow condition. This will result in an attacker controlling the programs execution flow and allowing arbitrary code execution on the victims PC.
a Buffer Overflow condition. This will result in an attacker controlling the programs execution flow and allowing arbitrary code execution on the victims PC.
Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre
This module performs a local check in order to detect if the target is vulnerable to CVE 2017-5154 (aka Meltdown).
This update adds Windows support.
This update adds Windows support.
The vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory.
HPE Intelligent Management Center is prone to a remote vulnerability that allows attackers to take advantage of an improper validation of user-supplied data, which can result in deserialization of untrusted data in WebDMDebugServlet.
An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM.
An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM.