2012 matches found

CNVD
added 2016/12/14 12:0 a.m. · 3 views

Apple iOS APPLE-SA-2016-12-12-1 has multiple vulnerabilities (CNVD-2016-12705)

Apple iOS is an operating system developed for mobile devices. Apple iOS has multiple vulnerabilities. An attacker can exploit the vulnerabilities to bypass security restrictions, execute arbitrary code or perform unauthorized actions, and obtain sensitive information...

CVSS 4.6 · AI score 7.8 · EPSS 0.00069
Exploits 0 · References 1

Check Point Advisories
added 2016/12/13 12:0 a.m. · 1 view

Microsoft Edge Memory Corruption (MS16-145: CVE-2016-7286)

A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to a memory corruption when handling certain objects in JavaScript. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory corruption...

CVSS 7.6 · AI score 8 · EPSS 0.82743
Exploits 1

Kaspersky
added 2016/12/13 12:0 a.m. · 86 views

KLA10921 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. Memory corruption vulnerabilit...

CVSS 9.6 · AI score 9.3 · EPSS 0.88179
Exploits 7 · References 51

Debian CVE
added 2016/12/12 2:0 a.m. · 22 views

CVE-2016-9428

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page...

CVSS 8.8 · AI score 9 · EPSS 0.01594
Exploits 0

BDU FSTEC
added 2016/12/02 12:0 a.m. · 3 views

Microsoft Edge browser vulnerability, which allows a hacker to trigger a service failure or execute arbitrary code

Microsoft Edge browser vulnerability, which allows a hacker to trigger a service failure or execute arbitrary code...

CVSS 7.6 · AI score 7.6 · EPSS 0.78999
Exploits 0 · References 2

OSV
added 2016/11/30 6:22 p.m. · 3 views

USN-3143-1 c-ares vulnerability

Gzob Qq discovered that c-ares incorrectly handled certain hostnames. A remote attacker could use this issue to cause applications using c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 9.8 · AI score 6.8 · EPSS 0.18086
Exploits 0 · References 2

NVD
added 2016/11/10 6:59 a.m. · 14 views

CVE-2016-7196

Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."...

CVSS 7.6 · AI score 7.7 · EPSS 0.16295
Exploits 0 · References 4

OSV
added 2016/11/04 10:59 a.m. · 0 views

UBUNTU-CVE-2016-9187

Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors...

CVSS 8.8 · AI score 6.2 · EPSS 0.02078
Exploits 1 · References 4

BDU FSTEC
added 2016/11/03 12:0 a.m. · 2 views

The vulnerability of the libaudiofile library, which allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the msadpcm.c file in the libaudiofile library arises due to an overflow in the buffer in the dynamic memory. Exploiting this vulnerability can allow a local attacker to cause a service failure (application termination) or execute arbitrary code using a specially crafted WAV fi...

CVSS 6.8 · AI score 8.2 · EPSS 0.14579
Exploits 0 · References 11 · Affected Software 2

Cisco
added 2016/11/02 4:0 p.m. · 31 views

Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability

A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. The vulnerability exists because the affected software performs incomplete bounds checks o...

CVSS 10 · AI score 9.7 · EPSS 0.03452
Exploits 0 · References 1

CNVD
added 2016/10/27 12:0 a.m. · 3 views

Silicon Graphics LibTIFF Remote Code Execution Vulnerability

Silicon Graphics LibTIFF is a library for reading and writing TIFF files. A security vulnerability in Silicon Graphics LibTIFF can be exploited by remote attackers to construct malicious TIFF files that can be parsed by the user, which can crash an application or execute arbitrary code...

CVSS 8.1 · AI score 7.5 · EPSS 0.06223
Exploits 2 · References 1

CNVD
added 2016/10/16 12:0 a.m. · 1 view

Adobe Flash Player Memory Corruption Vulnerability (CNVD-2016-09451)

Adobe Flash Player is a cross-platform, browser-based multimedia player product. A memory corruption vulnerability exists in Adobe Flash Player, which can be exploited by remote attackers to construct malicious SWF files that can be parsed by the user to crash the application or execute arbitrary...

CVSS 9.3 · AI score 7.5 · EPSS 0.03502
Exploits 3 · References 1

Prion
added 2016/10/03 4:9 p.m. · 19 views

Design/Logic Flaw

Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2, when configured with the HTTP Explicit Proxy functionality or SOCKS profile, allow remote attackers to modify the...

CVSS 9.3 · AI score 8.1 · EPSS 0.05614
Exploits 0 · References 3 · Affected Software 8

Positive Technologies
added 2016/09/27 12:0 a.m. · 2 views

PT-2016-6204 · Apache · Apache Activemq Artemis

Name of the Vulnerable Software and Affected Versions: Apache ActiveMQ Artemis versions prior to 1.4.0
Description: The issue allows remote authenticated users with permission to send messages to the Artemis broker to deserialize arbitrary objects and execute arbitrary code by leveraging gadget...

CVSS 7.2 · AI score 8.1 · EPSS 0.0136
Exploits 0 · References 32

Cvelist
added 2016/09/21 1:0 a.m. · 33 views

CVE-2016-0917

The SMB service in EMC VNXe (VNXe3200 Operating Environment prior to 3.1.5.8711957 and VNXe3100/3150/3300 Operating Environment prior to 2.4.4.22638), VNX1 File OE before 7.1.80.3, VNX2 File OE before 8.1.9.155, and Celerra (all supported versions) does not prevent duplicate NTLM challenge-response...

AI score 9.8 · EPSS 0.04134
Exploits 0 · References 4

CNVD
added 2016/09/16 12:0 a.m. · 3 views

Microsoft Office Memory Corruption Vulnerability (CNVD-2016-07684)

Microsoft Office is an office software suite product developed by Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. Microsoft Office processing office files fails to properly handle objects in memory, allowing remote attackers to exploit the vulnerabili...

CVSS 9.3 · AI score 7.4 · EPSS 0.28595
Exploits 0 · References 1

NVD
added 2016/09/07 6:59 p.m. · 18 views

CVE-2016-6351

The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), when built with ESP/NCR53C9x controller emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the QEMU host via vectors involvi...

CVSS 7.2 · AI score 7.3 · EPSS 0.00227
Exploits 0 · References 8

RedhatCVE
added 2016/08/11 5:48 p.m. · 27 views

CVE-2016-5423

A flaw was found in the way PostgreSQL server handled certain SQL statements containing CASE/WHEN commands. A remote, authenticated attacker could use a specially crafted SQL statement to cause PostgreSQL to crash or disclose a few bytes of server memory or possibly execute arbitrary code...

CVSS 8.5 · AI score 3.2 · EPSS 0.034
Exploits 0 · References 1

BDU FSTEC
added 2016/07/29 12:0 a.m. · 2 views

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the Flash Player software is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 10 · AI score 8 · EPSS 0.75305
Exploits 1 · References 2 · Affected Software 3

BDU FSTEC
added 2016/07/29 12:0 a.m. · 2 views

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the Flash Player software arises from an overflow in the buffer of dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 10 · AI score 8.2 · EPSS 0.10447
Exploits 0 · References 2 · Affected Software 3