Vulnerability & Exploit Database

Displaying entries 191 - 200 of 128560 in total

Microsoft CVE-2018-0986: Malware Protection Engine Remote Code Execution Vulnerability Vulnerability

  • Severity: 9
  • Published: April 03, 2018

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file leading to memory corruption.

An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and...

Alpine Linux: CVE-2018-8778: Ruby 2.2.9, 2.3.6, 2.4.3, 2.5.0 Multiple Vulnerabilitie Vulnerability

  • Severity: 4
  • Published: April 03, 2018

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format (similar to format string vulnerabilities) can trigger a buffer under-read in the String#unpack method, resulting in a massive and controlled information disclosure.

Alpine Linux: CVE-2018-6914: Ruby 2.2.9, 2.3.6, 2.4.3, 2.5.0 Multiple Vulnerabilitie Vulnerability

  • Severity: 4
  • Published: April 03, 2018

Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a .. (dot dot) in the prefix argument.

Debian: CVE-2018-0492: beep -- security update Vulnerability

  • Severity: 4
  • Published: April 02, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From DSA-4163:

It was discovered that a race condition in beep (if configured as setuid

via debconf) allows local privilege escalation.

Apple Safari security update for CVE-2018-4165 Vulnerability

  • Severity: 4
  • Published: April 02, 2018

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a den...

Apple Safari security update for CVE-2018-4163 Vulnerability

  • Severity: 4
  • Published: April 02, 2018

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execu...