7634 matches found
CVE-2017-1000033
Wordpress Plugin Vospari Forms version 1.4 is vulnerable to a reflected cross site scripting in the form submission resulting in javascript code execution in the context on the current user...
CVE-2017-1000037
RVM automatically loads environment variables from files in $PWD resulting in command execution RVM vulnerable to command injection when automatically loading environment variables from files in $PWD RVM automatically executes hooks located in $PWD resulting in code execution RVM automatically...
Microsoft Windows Explorer Remote Code Execution Vulnerability
Microsoft Windows is a series of operating systems released by Microsoft Corporation in the U.S. Explorer is one of the default browsers that comes with the Windows operating system. A remote code execution vulnerability exists in Explorer in Microsoft Windows. A remote attacker could exploit thi...
Fuji Electric V-Server VPR File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Fuji Electric V-Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within parsing o...
Microsoft Edge Remote Code Execution Vulnerability (CNVD-2017-14639)
Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge fails to properly handle in-memory objects and has a remote code execution vulnerability in its implementation that could lead an attacker to execute arbitrary code in the current user context...
Microsoft Edge Remote Code Execution Vulnerability (CNVD-2017-14640)
Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge does not properly handle memory objects and has a remote code execution vulnerability in its implementation that could be exploited by an attacker to execute arbitrary code in the current user context...
Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-14451)
Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge fails to properly handle in-memory objects, and a remote code execution vulnerability exists in the scripting engine presentation, where an attacker could execute arbitrary code in the current user context...
Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-14609)
Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge fails to properly handle memory objects and has a remote memory corruption vulnerability in its implementation that can be exploited by an attacker to execute arbitrary code in the current user context...
Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-14607)
Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge fails to properly handle memory objects and is implemented with a remote memory corruption vulnerability that can be exploited by an attacker to execute arbitrary code in the current user context...
Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-14642)
Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge fails to properly handle memory objects and is implemented with a remote memory corruption vulnerability that can be exploited by an attacker to execute arbitrary code in the current user context...
Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-14448)
Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge fails to properly handle memory objects and is implemented with a remote memory corruption vulnerability that allows an attacker to execute arbitrary code in the current user context...
Microsoft Office Remote Code Execution Vulnerability (CNVD-2017-16983)
Microsoft Office is a suite of office software based on the Windows operating system developed by Microsoft. A remote code execution vulnerability exists in Microsoft Office's handling of memory objects, which could allow an attacker to perform an operation in the current user security context vi...
Microsoft Office Remote Code Execution Vulnerability (CNVD-2017-16982)
Microsoft Office is a suite of office software based on the Windows operating system developed by Microsoft. A remote code execution vulnerability exists in Microsoft Office's handling of memory objects, which could allow an attacker to perform an operation in the current user security context vi...
Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-14608)
Microsoft Edge is the web browser built into the Windows 10 version. Microsoft Edge fails to properly handle memory objects and is implemented with a remote memory corruption vulnerability that can be exploited by an attacker to execute arbitrary code in the current user context...
CVE-2017-8594
Internet Explorer on Microsoft Windows 8.1 and Windows RT 8.1, and Windows Server 2012 R2 allows an attacker to execute arbitrary code in the context of the current user when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability"...
Microsoft Chakra Array JIT Optimization Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...
Microsoft Windows PDF Library JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows PDF Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
[slackware-security] irssi
New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/irssi-1.0.4-i586-1slack14.2.txz: Upgraded. This release fixes two remote crash issues as well as a few bugs. For more...
[slackware-security] php
New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/php-5.6.31-i586-1slack14.2.txz: Upgraded. This release fixes bugs and security issues. For more information, see:...
Foxit Reader setItem Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setItem functio...