721 matches found
CVE-2016-9037
An exploitable out-of-bounds array access vulnerability exists in the xrowheaderdecode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's valu...
CVE-2016-7879
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution...
UBUNTU-CVE-2016-5292
During URL parsing, a maliciously crafted URL can cause a potentially exploitable crash. This vulnerability affects Firefox 50...
CVE-2016-7858
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution...
Type confusion
An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. This vulnerability can be triggered via a TIFF file delivered to the applicatio...
freeimage -- code execution vulnerability
TALOS reports: An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library...
CVE-2016-2374
An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT MultiMX message sent via the server can result in an out-of-bounds write leading to memory disclosure and code execution...
PT-2016-2253 · Adobe +3 · Flash Player +3
Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions 21.0.0.242 and earlier Description: The issue is related to errors in the code of Adobe Flash Player, which can be exploited by a remote attacker to impact the integrity, availability, and confidentiality of...
Debian Security Advisory DSA 3597-1 (expat - security update)
Two related issues have been discovered in Expat, a C library for parsing XML. CVE-2012-6702It was introduced when CVE-2012-0876 was addressed. Stefan Srensen discovered that the use of the function XMLParse seeds the random number generator generating repeated outputs for rand calls...
CVE-2016-4558
The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service use-after-free or possibly have unspecified other impact via a crafted application on 1 a system with more than 32 Gb of memory, related to the program reference...
CVE-2016-1550
An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key...
Linux Kernel (x86) - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited
Linux Kernel x86 - Disable ASLR by Setting the RLIMITSTACK Resource to Unlimited Source: http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-disables-ASLR.html CVE-2016-3672 - Unlimiting the stack not longer disables ASLR Authors: Hector Marco & Ismael Ripoll CVE: CVE-2016-3672...
CVE-2015-7889
creationtimestamp| type| source ---|---|--- 2015-10-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38558...
Square: Invitation threshold
Hello sir, I found a that the web application does not have proper rate limitation on the web application to prevent flooding to the victim's email with invitation emails. the attacker can send thousand of unwanted and unknown email saying: "You're invited to use Square Appointments Hi, Please se...
CamShot WebCam 2.6 Trial - Remote Buffer Overflow
No description provided by source. source: http://www.securityfocus.com/bid/1685/info CamShot is a Windows 95/98/2000/NT web server that serves up web pages containing time stamped images captured from a video camera. The images can be viewed from anywhere on the network with a web browser. CamSh...
MW6 Technologies DataMatrix ActiveX (Data param) - Buffer Overflow
No description provided by source. !-- =========================================================================== Problem: The Data parameter is subject to a buffer overflow PROBABLY leading to arbitrary code execution. COM Object - DE7DA0B5-7D7B-4CEA-8739-65CF600D511E MW6DataMatrix Class File...
Microsoft Windows XP/2000/2003 Graphical Device Interface Plus Library Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19221/info Reportedly, the Microsoft Windows GDI+ library 'gdiplus.dll' is prone to a denial-of-service vulnerability because the software fails to handle malformed image files properly. An attacker may leverage this issu...
Proxy-Pro Professional GateKeeper 4.7 Web Proxy Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9716/info Proxy-Pro Professional GateKeeper is prone to a remotely exploitable buffer overrun that may be triggered by passing HTTP GET requests of excessive length through the web proxy component. This could be exploited...
$100 Million Worth of Bitcoins Stolen
UPDATE: As if Bitcoin malware and Bitcoin mining malware weren’t enough to worry about, there was more trouble for the users of the digital crypto-currency last week as 96,000 Bitcoins disappeared from the Sheep Marketplace. Bicoin’s value has surged in recent weeks, peaking at an astonishing...
InduSoft ISSymbol ActiveX Control Buffer Overflow (Update A)
Overview Security researcher Dmitriy Pletnevo of Secunia ResearchSecunia Research, http://secunia.com/secuniaresearch/2011-36/, website last accessed June 16, 2011. has released details of multiple overflow vulnerabilities affecting the InduSoft ISSymbol ActiveX control. The researcher identified...