Code42 Enterprise and Crashplan for Small Business Client version 6.7 before 6.7.5, 6.8 before 6.8.8, and 6.9 before 6.9.4 allows eval injection. A proxy auto-configuration file, crafted by a lesser privileged user, may be used to execute arbitrary code at a higher privilege as the service user.
An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Unity projects can be compiled as x86 instructions and loaded onto the PLC Simulator delivered with Unity PRO. These x86 instruc...
Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious D...
NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI, allows local users to gain privileges via a DLL in the PPSAPI_DLLS environment variable.
The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain priv...
A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory.
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain super...