Foxit Reader print Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the print function...

The vulnerability in the JavaScript kernel of Microsoft Edge allows a hacker to execute arbitrary code.

The vulnerability in the Microsoft Edge JavaScript kernel relates to improper access to objects in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with the privileges of the current user...

The vulnerability in the JavaScript kernel of Microsoft Edge allows a hacker to execute arbitrary code.

The vulnerability in the Microsoft Edge JavaScript kernel relates to improper access to objects in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with the privileges of the current user...

CVE-2017-8522

Microsoft browsers in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handli...

CVE-2017-8519

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to execute arbitrary code in the context of the current user when Internet Explorer improperly accesses objects in memory, aka "Internet...

Foxit Reader JPXDecode stream Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

Microsoft Internet Explorer and Microsoft Edge Remote Memory Corruption Vulnerability

Microsoft Internet Explorer IE and Microsoft Edge are both web browsers developed by the American company Microsoft. The former is the default browser that came with operating systems before Windows 10, and the latter is the default browser that comes with the latest operating system, Windows 10....

Microsoft Edge Remote Memory Corruption Vulnerability (CNVD-2017-12098)

Microsoft Edge is a web browser developed by Microsoft USA and is the default browser that comes with the Windows 10 operating system. A remote memory corruption vulnerability exists in Microsoft Edge. A remote attacker can exploit this vulnerability to execute arbitrary code or cause a denial of...

Microsoft Windows Remote Code Execution Vulnerability (CNVD-2017-12780)

Microsoft Windows is a series of operating systems released by the American company Microsoft. A remote code execution vulnerability exists in Microsoft Windows. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service in the current user context...

Microsoft Office 2010 Service Pack 2 Multiple Vulnerabilities (KB3203460)

This host is missing an important security update according to Microsoft KB3203460 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Adobe Flash AuditudeSettings clone Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Adobe Flash XML load Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XML load method...

Adobe Digital Editions PDF FlateDecode Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Digital Editions. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

The vulnerabilities in the Skype instant messaging program allow a hacker to execute arbitrary code.

The numerous vulnerabilities in the Skype instant messaging program are related to deficiencies in access control. Exploiting these vulnerabilities allows a malicious actor, operating locally, to execute arbitrary code using Trojan programs and files such as msi.dll, dpapi.dll, or cryptui.dll,...

Windows 10 Mitigations Make Future EternalBlue Attacks Difficult

The emergence of a port of the EternalBlue exploit to Windows 10 signals that white-hat researchers have likely done what the NSA has already long ago accomplished. The leaked version of the powerful Windows SMB attack shared by the ShadowBrokers in April was built only to attack Windows XP and...

Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : sudo (SSA:2017-150-01)

New sudo packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2017-150-01. The tex...

(Pwn2Own) Apple Safari WebSQL snippet Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

(Pwn2Own) Apple Safari WebSQL offsets Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Microsoft Windows JavaScript Array Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

Multiple Schneider Electric Modicon Product Session Fixation Vulnerabilities

Schneider-Electric Modicon M251 and others are programmable controller products of Schneider Electric France. A security vulnerability exists in multiple Schneider Electric Modicon products. An attacker could exploit the vulnerability to take control of the current session...