Lucene search
K

721 matches found

UbuntuCve
UbuntuCve
added 2016/12/23 10:59 p.m.20 views

CVE-2016-9037

An exploitable out-of-bounds array access vulnerability exists in the xrowheaderdecode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's valu...

7.8CVSS7.1AI score0.03675EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2016/12/13 3:29 p.m.22 views

CVE-2016-7879

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution...

8.8CVSS3.6AI score0.07679EPSS
Exploits0References2
OSV
OSV
added 2016/11/17 12:0 a.m.5 views

UBUNTU-CVE-2016-5292

During URL parsing, a maliciously crafted URL can cause a potentially exploitable crash. This vulnerability affects Firefox 50...

6.5CVSS6.9AI score0.01509EPSS
Exploits0References4
OSV
OSV
added 2016/11/08 5:59 p.m.2 views

CVE-2016-7858

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution...

8.8CVSS6AI score0.07041EPSS
Exploits0References7
Prion
Prion
added 2016/10/28 8:59 p.m.26 views

Type confusion

An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. This vulnerability can be triggered via a TIFF file delivered to the applicatio...

6.8CVSS8AI score0.06593EPSS
Exploits2References3Affected Software1
FreeBSD
FreeBSD
added 2016/10/03 12:0 a.m.35 views

freeimage -- code execution vulnerability

TALOS reports: An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library...

7.8CVSS1.6AI score0.0183EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2016/06/22 9:18 a.m.21 views

CVE-2016-2374

An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT MultiMX message sent via the server can result in an out-of-bounds write leading to memory disclosure and code execution...

8.1CVSS2.9AI score0.03228EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2016/06/16 12:0 a.m.3 views

PT-2016-2253 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions 21.0.0.242 and earlier Description: The issue is related to errors in the code of Adobe Flash Player, which can be exploited by a remote attacker to impact the integrity, availability, and confidentiality of...

10CVSS8.9AI score0.25419EPSS
Exploits8References206
OpenVAS
OpenVAS
added 2016/06/07 12:0 a.m.43 views

Debian Security Advisory DSA 3597-1 (expat - security update)

Two related issues have been discovered in Expat, a C library for parsing XML. CVE-2012-6702It was introduced when CVE-2012-0876 was addressed. Stefan Srensen discovered that the use of the function XMLParse seeds the random number generator generating repeated outputs for rand calls...

7.8CVSS0.4AI score0.06539EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2016/05/23 12:0 a.m.44 views

CVE-2016-4558

The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service use-after-free or possibly have unspecified other impact via a crafted application on 1 a system with more than 32 Gb of memory, related to the program reference...

7CVSS6.8AI score0.00865EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2016/04/29 12:0 a.m.24 views

CVE-2016-1550

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key...

5.3CVSS6.8AI score0.03634EPSS
Exploits1References4
exploitpack
exploitpack
added 2016/04/06 12:0 a.m.70 views

Linux Kernel (x86) - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited

Linux Kernel x86 - Disable ASLR by Setting the RLIMITSTACK Resource to Unlimited Source: http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-disables-ASLR.html CVE-2016-3672 - Unlimiting the stack not longer disables ASLR Authors: Hector Marco & Ismael Ripoll CVE: CVE-2016-3672...

4.6CVSS7.6AI score0.0117EPSS
Exploits12
Circl
Circl
added 2015/10/28 12:0 a.m.30 views

CVE-2015-7889

creationtimestamp| type| source ---|---|--- 2015-10-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38558...

5.5CVSS6.9AI score0.02239EPSS
Exploits1References1
Hacker One
Hacker One
added 2015/03/05 10:21 a.m.16 views

Square: Invitation threshold

Hello sir, I found a that the web application does not have proper rate limitation on the web application to prevent flooding to the victim's email with invitation emails. the attacker can send thousand of unwanted and unknown email saying: "You're invited to use Square Appointments Hi, Please se...

6.6AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.33 views

CamShot WebCam 2.6 Trial - Remote Buffer Overflow

No description provided by source. source: http://www.securityfocus.com/bid/1685/info CamShot is a Windows 95/98/2000/NT web server that serves up web pages containing time stamped images captured from a video camera. The images can be viewed from anywhere on the network with a web browser. CamSh...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

MW6 Technologies DataMatrix ActiveX (Data param) - Buffer Overflow

No description provided by source. !-- =========================================================================== Problem: The Data parameter is subject to a buffer overflow PROBABLY leading to arbitrary code execution. COM Object - DE7DA0B5-7D7B-4CEA-8739-65CF600D511E MW6DataMatrix Class File...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

Microsoft Windows XP/2000/2003 Graphical Device Interface Plus Library Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19221/info Reportedly, the Microsoft Windows GDI+ library 'gdiplus.dll' is prone to a denial-of-service vulnerability because the software fails to handle malformed image files properly. An attacker may leverage this issu...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Proxy-Pro Professional GateKeeper 4.7 Web Proxy Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9716/info Proxy-Pro Professional GateKeeper is prone to a remotely exploitable buffer overrun that may be triggered by passing HTTP GET requests of excessive length through the web proxy component. This could be exploited...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2013/12/03 4:44 p.m.13 views

$100 Million Worth of Bitcoins Stolen

UPDATE: As if Bitcoin malware and Bitcoin mining malware weren’t enough to worry about, there was more trouble for the users of the digital crypto-currency last week as 96,000 Bitcoins disappeared from the Sheep Marketplace. Bicoin’s value has surged in recent weeks, peaking at an astonishing...

7.2AI score
Exploits0References10
ICS
ICS
added 2013/10/28 12:0 p.m.18 views

InduSoft ISSymbol ActiveX Control Buffer Overflow (Update A)

Overview Security researcher Dmitriy Pletnevo of Secunia ResearchSecunia Research, http://secunia.com/secuniaresearch/2011-36/, website last accessed June 16, 2011. has released details of multiple overflow vulnerabilities affecting the InduSoft ISSymbol ActiveX control. The researcher identified...

8.8AI score
Exploits0References18
Rows per page
Query Builder