Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CNVD-2017-03375)

Microsoft Edge is a web browser developed by Microsoft and is the default browser that comes with the Windows 10 operating system.Scripting Engine is one of the JavaScript engine components. A memory corruption vulnerability exists in the Scripting Engine component in Microsoft Edge. A remote...

Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CNVD-2017-03369)

Microsoft Edge is a web browser developed by Microsoft and is the default browser that comes with the Windows 10 operating system.Scripting Engine is one of the JavaScript engine components. A memory corruption vulnerability exists in the Scripting Engine component in Microsoft Edge. A remote...

The vulnerability of the Android operating system, which allows a hacker to execute an application with privileges of the current user

The vulnerability of the NVIDIA GPU operating system for Android is related to deficiencies in access control for certain functions. Exploiting this vulnerability allows a malicious actor to execute an application with privileges of the current user...

The vulnerability of the Android operating system, which allows a hacker to execute an application with privileges of the current user

The vulnerability of the NVIDIA GPU operating system for Android is related to deficiencies in access control for certain functions. Exploiting this vulnerability allows a malicious actor to execute an application with privileges of the current user...

The vulnerability of the Android operating system, which allows a hacker to execute an application with privileges of the current user

The vulnerability of the Qualcomm Wi-Fi operating system for Android is related to deficiencies in access control for certain functions. Exploiting this vulnerability could allow a malicious actor to execute an application with privileges of the current user...

The vulnerability of the Android operating system, which allows a hacker to execute an application with privileges of the current user

The vulnerability of the NVIDIA GPU operating system for Android is related to deficiencies in access control for certain functions. Exploiting this vulnerability allows a malicious actor to execute an application with privileges of the current user...

Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CNVD-2017-03368)

Microsoft Edge is a web browser developed by Microsoft and is the default browser that comes with the Windows 10 operating system.Scripting Engine is one of the JavaScript engine components. A memory corruption vulnerability exists in the Scripting Engine component in Microsoft Edge. A remote...

Foxit Reader Pattern Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Foxit Reader execMenuItem Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the execMenuItem...

Foxit Reader Field buttonGetIcon Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Field object's...

Foxit Reader execMenuItem Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the execMenuItem...

Foxit Reader ConvertToPDF TIFF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

Foxit Reader PDB Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF...

Foxit Reader ePub Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ePub...

Foxit Reader ePub Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ePub...

CVE-2017-5233

Rapid7 AppSpider Pro installers prior to version 6.14.053 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer...

CVE-2017-5234

Rapid7 Insight Collector installers prior to version 1.0.16 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer...

CVE-2017-5235

Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer...

CVE-2017-5232

All editions of Rapid7 Nexpose installers prior to version 6.4.24 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer...

Microsoft Edge Memory Corruption Vulnerability (CNVD-2017-01981)

Microsoft Edge is a web browser developed by Microsoft USA and is the default browser that comes with the Windows 10 operating system. A memory corruption vulnerability exists in Microsoft Edge that stems from the program failing to properly handle objects in memory. An attacker can exploit the...