DEBIAN-CVE-2015-5260

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service heap-based memory corruption and QEMU-KVM crash or possibly execute arbitrary code on the host via QXL commands related to the surfaceid parameter...

Multiple vulnerabilities in HPE Matrix Operating Environment and Systems Insight Manager (CNVD-2016-03741)

HPE Matrix Operating Environment is a set of cloud management software designed for infrastructure services.HPE Systems Insight Manager is a set of management software for HP servers and storage devices, which provides multi-system management, fault management and event handling, and rights...

Apple iOS Accessibility Buffer Overflow Vulnerability

Apple iOS is an operating system on Apple phones. A buffer overflow vulnerability exists in Accessibility in Apple iOS, which allows an attacker to exploit the vulnerability to execute arbitrary code with system privileges...

Apple OS X El Capitan Intel Graphics Driver Buffer Overflow Vulnerability

Apple OS X El Capitan is an operating system on Apple devices. A buffer overflow vulnerability in Intel Graphics Driver in Apple OS X El Capitan allows attackers to exploit the vulnerability to execute arbitrary code with kernel privileges...

IBM Domino Authentication Bypass Vulnerability

IBM Domino is a suite of platforms for hosting social business applications from IBM in the United States. An unspecified security vulnerability exists in IBM Domino, which allows remote attackers to bypass the authentication process and execute arbitrary code with system privileges...

CVE-2016-4090

Technical details about CVE-2016-4090 are not publicly available in the provided connected documents. Monitor for updates from the sources referenced in the Initial Description; no explicit vulnerability specifics (exploit vectors, impacted versions, or fixes) are given here.

CVE-2016-1125

Technical details about CVE-2016-1125 are not publicly available in the provided Connected documents; no affected products, versions, impact details, or remediation are disclosed here. Monitor for updates.

Microsoft Edge Memory Corruption (MS16-052: CVE-2016-0191)

A remote code execution vulnerability has been reported in Microsoft Edge. The vulnerability is due to a use of uninitialized pointer. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory corruption in a way that would...

Google Chrome suffers from an unspecified vulnerability (CNVD-2016-02823)

Google Chrome is a popular web browser. An unspecified security vulnerability exists in Google Chrome, which allows remote attackers to exploit the vulnerability to build malicious web pages and trick users into parsing them, which could cause the application to crash or execute arbitrary code...

The use of PHP 7 is due to the OPcache execute PHP code-bug warning-the black bar safety net

from:http://blog. gosecure. ca/2 0 1 6/0 4/2 7/binary-webshell-through-opcache-in-php-7/ In the PHP 7.0 release at the beginning, there are a lot of PHP developers for its performance improvement is very attention. In the introduction of OPcache, PHP performance has been greatly improved, many...

Microsoft Edge Memory Corruption (MS16-038: CVE-2016-0155)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to a type confusion when handling certain objects in JavaScript. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could...

Pixman Integer Overflow Vulnerability

Pixman is an underlying software library for pixel manipulation. An integer overflow vulnerability exists in Pixman, which can be exploited by a remote attacker to cause a denial of service application crash or execute arbitrary code with user privileges...

Mozilla Firefox and Firefox ESR Graphite 2 Denial of Service Vulnerability (CNVD-2016-01650)

Firefox is an open source Web browser ; Firefox ESR is an extended support version of Firefox.Graphite is a set of Python language , written using the Django framework for enterprise-class open source system monitoring tools . A security vulnerability exists in Mozilla Firefox and Firefox ESR...

Mozilla Network Security Services Memory Misreference Vulnerability

Firefox is an open source web browser. A memory misreference vulnerability in the handling of DER-encoded keys by Mozilla Network Security Services allows remote attackers to exploit the vulnerability to construct a malicious web page that can be tricked into parsing by a user, which can crash th...

Microsoft Internet Explorer Memory Error Reference Remote Code Execution Vulnerability (CNVD-2016-01536)

Internet Explorer is a web browser from Microsoft. A vulnerability in the handling of "range" type HTML input elements in some versions of Internet Explorer can be exploited by an attacker with a malicious web page or file to reuse a freed memory structure to execute arbitrary code in the context...

Google Nexus Conscrypt Man-in-the-Middle Attack Vulnerability

Google Nexus is a series of smart devices based on the Android operating system developed by the U.S. company Google Google, including cell phones and tablet computers. The smart device by Google to provide technology and authorize the cooperation of hardware manufacturers for production and...

USN-2906-1: GNU cpio vulnerabilities

Alexander Cherepanov discovered that GNU cpio incorrectly handled symbolic links when used with the --no-absolute-filenames option. If a user or automated system were tricked into extracting a specially-crafted cpio archive, a remote attacker could possibly use this issue to write arbitrary files...

Core FTP Server 1.2 - Buffer Overflow (PoC)

Exploit for windows platform in category local exploits -- coding: utf-8 -- Exploit Title : Core FTP Server v1.2 - BufferOverflow POC Date: 2016-02-22 Author: INSECT.B Facebook : https://www.facebook.com/B.INSECT00 GitHub : binsect00 Blog : http://binsect00.tistory.com Vendor Homepage :...

glibc vulnerable to stack buffer overflow in DNS resolver

Overview GNU glibc contains a buffer overflow vulnerability in the DNS resolver, which may allow a remote attacker to execute arbitrary code. Description CWE-121: Stack-based Buffer Overflow - CVE-2015-7547According to a Google security blog post: "The glibc DNS client side resolver is vulnerable...

Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability

A vulnerability in the Internet Key Exchange IKE version 1 v1 and IKE version 2 v2 code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code...