118 matches found
CVE-2018-2811
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Install. Supported versions that are affected are Java SE: 8u162 and 10. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes to compromise Java SE...
Cisco IOS SNMP Remote Code Execution
!/usr/bin/env python if False: ''' CVE-2017-6736 / cisco-sa-20170629-snmp Cisco IOS remote code execution =================== This repository contains Proof-Of-Concept code for exploiting remote code execution vulnerability in SNMP service disclosed by Cisco Systems on June 29th 2017 - Descriptio...
Kakadu SDK JPEG 2000 Unknown Marker Code Execution Vulnerability(CVE-2017-2811)
Summary A code execution vulnerability exists in the Kakadu SDK 7.9's parsing of compressed JPEG 2000 images. A specially crafted JPEG 2000 file can be read by the program, and can lead to an out of bounds write causing an exploitable condition to arise. Tested Versions Kakadu SDK 7.9 - OSX & Lin...
openSUSE: Security Advisory for Security (openSUSE-SU-2016:1211-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2936-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 12.04 LTS : oxygen-gtk3 update (USN-2936-2)
USN-2936-1 fixed vulnerabilities in Firefox. The update caused Firefox to crash on startup with the Oxygen GTK theme due to a pre-existing bug in the Oxygen-GTK3 theme engine. This update fixes the problem. We apologize for the inconvenience. Christian Holler, Tyson Smith, Phil Ringalda, Gary...
USN-2936-2: Oxygen-GTK3 update
USN-2936-1 fixed vulnerabilities in Firefox. The update caused Firefox to crash on startup with the Oxygen GTK theme due to a pre-existing bug in the Oxygen-GTK3 theme engine. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christian Holler, Tyson...
CVE-2016-2811
Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code via vectors related to the BeginReading method...
CVE-2016-2811
CVE-2016-2811 is a Use-After-Free in Firefox’s ServiceWorkerInfo (Service Worker) that allows remote code execution via BeginReading in Firefox before 46.0. Connected advisories show this CVE fixed in Firefox 46.0 (e.g., openSUSE-2016-541/566, Ubuntu USN-2936, Debian security tracker). Affected p...
Ubuntu: Security Advisory (USN-2811-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : strongSwan vulnerability (USN-2811-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2811-1 advisory. It was discovered that the strongSwan eap-mschapv2 plugin incorrectly handled state. A remote attacker could use this issue to bypass authentication. Tenable has...
CVE-2015-2811
CVE-2015-2811 describes an XXE vulnerability in SAP NetWeaver Portal’s ReportXmlViewer (SAP NetWeaver Portal 7.31.201109172004). The underlying issue is that the SAP XML parser validates all incoming XML requests with a user-specified DTD, enabling external entities to be processed. This can lead...
Microsoft Internet Explorer Multiple Vulnerabilities (2976627)
This host is missing a critical security update according to Microsoft Bulletin MS14-051. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2014-2811
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2822, CVE-2014-2823, and...
Memory corruption
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2810, CVE-2014-2811, CVE-2014-2822, and...
CVE-2014-2811
CVE-2014-2811 and related CVEs describe a memory corruption vulnerability in Microsoft Internet Explorer (IE) affecting IE versions 6–11, including IE 11.根本原因 involves memory corruption triggered by processing crafted web content, allowing remote code execution or denial of service as described i...
Microsoft Internet Explorer CVE-2014-2811 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
SAP NetWeaver Portal ReportXmlViewer - XXE
Application: SAP NetWeaver Portal 7.31.201109172004 Vendor URL: http://www.sap.com Bugs: XML External Entity Reported: 06.11.2014 Vendor response: 07.11.2014 Date of Public Advisory: 15.03.2015 Reference: SAP Security Note 2111939 Authors: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class:...
Debian DSA-2811-1 : chromium-browser - several vulnerabilities
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2013-6634 Andrey Labunets discovered that the wrong URL was used during validation in the one-click sign on helper. - CVE-2013-6635 cloudfuzzer discovered use-after-free issues in the InsertHTML and Indent DOM editing...
Debian Security Advisory DSA 2811-1 (chromium-browser - several vulnerabilities)
Several vulnerabilities have been discovered in the chromium web browser. CVE-2013-6634 Andrey Labunets discovered that the wrong URL was used during validation in the one-click sign on helper. CVE-2013-6635 cloudfuzzer discovered use-after-free issues in the InsertHTML and Indent DOM editing...