Microsoft ChakraCore Scripting Engine Remote Memory Corruption Vulnerability

Microsoft Windows is a series of operating systems released by Microsoft , ChakraCore is used in one of the open source core components of the JavaScript engine can also be used as a separate JavaScript engine . A remote memory corruption vulnerability exists in the Microsoft ChakraCore Scripting...

Microsoft Internet Explorer and Edge Scripting Engine Memory Corruption Vulnerability (CNVD-2018-16175)

Internet Explorer is a web browser from Microsoft. Formerly known as Microsoft Internet Explorer prior to version 6 and Windows Internet Explorer versions 7, 8, 9, 10, and 11, or IE for short.Edge is a browser built by Microsoft for Windows 10, characterized by being fast and secure. A scripting...

Microsoft Internet Explorer and Edge Scripting Engine Memory Corruption Vulnerability (CNVD-2018-15916)

Internet Explorer is a web browser from Microsoft. Formerly known as Microsoft Internet Explorer prior to version 6 and Windows Internet Explorer versions 7, 8, 9, 10, and 11, or IE for short.Edge is a browser built by Microsoft for Windows 10, characterized by being fast and secure. A scripting...

Slackware 14.2 / current : openssl (SSA:2018-226-01)

New openssl packages are available for Slackware 14.2 and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2018-226-01. The text itself is copyright C Slackware Linux, Inc...

Windows Shell Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on as an administrator, an attacker could...

Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploit...

PT-2018-1466 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Microsoft Windows affected versions not specified Description: The issue is caused by a buffer overflow in the JavaScript handler of Internet Explorer, allowing a remote attacker to execute...

Microsoft Windows VBScript Class_Terminate Use After Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft DirectX SDK 'Xact.exe' Remote Code Execution Vulnerability

Microsoft DirectX SDK is software for DirectX programming. A remote code execution vulnerability exists in Microsoft DirectX SDK 'Xact.exe'. An attacker can exploit this vulnerability to execute arbitrary code via the Trojan horse file "xbdm.dll" in the current working directory...

Microsoft Chakra Floating Point Array Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Foxit Reader PDF File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of P...

Microsoft Windows LNK File Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

Microsoft Windows LNK File Uninitialized Pointer Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

PT-2018-18567 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Description: A remote code execution issue exists due to the scripting engine's handling of objects in memory. This could lead to memory corruption, allowing an attacker to execute arbitrary...

PHP Scripts Mall Naukri/Shine/Jobsite Clone Script Denial of Service Vulnerability

PHP Scripts Mall Naukri/Shine/Jobsite Clone Script is a PHP and MySQL based job site system script by PHP Scripts Mall India. A denial of service vulnerability exists in PHP Scripts Mall Naukri/Shine/Jobsite Clone Script version 3.0.4. A remote attacker can exploit this vulnerability to cause a...

CVE-2018-15185

PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 allows remote attackers to cause a denial of service page update outage via crafted PHP and JavaScript code in the "Current Position" field...

CVE-2018-15185

PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 allows remote attackers to cause a denial of service page update outage via crafted PHP and JavaScript code in the "Current Position" field...

Adobe Acrobat and Reader Buffer Overflow Vulnerability (CNVD-2018-14947)

Adobe Acrobat and Reader are the United States of America Audobee Adobe company's products. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. Adobe Acrobat and Reader buffer overflow vulnerability exists. Attackers can use the...

Slackware 14.0 / 14.1 / 14.2 / current : seamonkey (SSA:2018-212-02)

New seamonkey packages are available for Slackware 14.2 and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2018-212-02. The text itself is copyright C Slackware Linux, Inc...

ALPINE-CVE-2018-10916

It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server,...