7634 matches found
Adobe Flash URL Redirect Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling...
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Adobe Reader DC XFA topInset Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XFA's topInset...
Microsoft Windows PDF Library JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows PDF Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
Adobe Reader DC XFA exportAsXFAStr Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XFA's...
Adobe Acrobat Pro DC JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
Legal Robot: Code injection
A security researcher discovered that they were able to inject potentially malicious code into Legal Robot's newly created Roadmap page through improper input sanitization when submitting a new Idea for consideration by the community. A limited-scope attack was possible since the input sanitizati...
The vulnerability of JavaScript handlers in the Microsoft Edge browser for the Windows operating system, allowing a perpetrator to execute arbitrary code
The vulnerability of Microsoft Edge’s JavaScript handlers arises from an operation going beyond the buffer boundaries due to a memory object processing error. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the current user...
The vulnerability of JavaScript handlers in the Microsoft Edge browser for the Windows operating system, allowing a perpetrator to execute arbitrary code
The vulnerability of Microsoft Edge’s JavaScript handlers arises from an operation going beyond the buffer boundaries due to a memory object processing error. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the current user...
The vulnerability of the Internet Explorer browser’s memory handler on the Windows operating system, allowing a hacker to execute arbitrary code
The vulnerability of the Internet Explorer browser’s memory handler in the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...
The vulnerability of JavaScript handlers in the Microsoft Edge browser for the Windows operating system, allowing a perpetrator to execute arbitrary code
The vulnerability of Microsoft Edge’s JavaScript handlers arises from an operation going beyond the buffer boundaries due to a memory object processing error. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the current user...
[slackware-security] gnupg
New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/gnupg-1.4.22-i586-1slack14.2.txz: Upgraded. Mitigate a flush+reload side-channel attack on RSA secret...
Fedora 26 : 2:freerdp / remmina (2017-4bc09c2364)
Update to latest snapshot that contains fixes for the latest Talos discovered CVEs. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible witho...
Slackware 14.2 / current : squashfs-tools (SSA:2017-209-01)
New squashfs-tools packages are available for Slackware 14.2 and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2017-209-01. The text itself is copyright C...
[slackware-security] squashfs-tools
New squashfs-tools packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/squashfs-tools-4.3-i586-2slack14.2.txz: Rebuilt. Patched a couple of denial of service issues and other bugs. For more...
Microsoft Edge browser vulnerability, allowing a hacker to execute arbitrary code in the context of the current user
The vulnerability of Microsoft Edge arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...
Microsoft Edge browser vulnerability, allowing a hacker to execute arbitrary code in the context of the current user
The vulnerability of Microsoft Edge arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...
Microsoft Edge browser vulnerability, allowing a hacker to execute arbitrary code in the context of the current user
The vulnerability of Microsoft Edge arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...
Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : expat (SSA:2017-199-01)
New expat packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2017-199-01. The tex...