CVE-2016-5546

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2017-3340

CVE-2017-3340 affects Oracle E-Business Suite, Oracle Marketing (UI) component. Affected versions are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, and 12.2.6. The vulnerability enables unauthenticated access over HTTP with network access, requiring some user interaction, potentially leading to...

CVE-2017-3231

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

CVE-2016-8318

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Encryption. Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

CVE-2017-3238

Disclaimer: This data contains information about vulnerable...

CVE-2017-3238

CVE-2017-3238 affects the MySQL Server component (Server: Optimizer). Affected MariaDB/MySQL versions include 5.5.53 and earlier, 5.6.34 and earlier, and 5.7.16 and earlier. The vulnerability is exploitable over the network via multiple protocols, with a low-privileged attacker able to cause a ha...

CVE-2017-3294

CVE-2017-3294 describes a vulnerability in the Oracle Outside In Technology (subcomponent: Outside In Filters). Connected sources confirm affected products/versions: Oracle Outside In Technology 8.5.2 and 8.5.3 are vulnerable when data is processed over a network. The issue can be triggered via H...

Out-of-bounds

An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read resulting in disclosure of memory within the process, the same vulnerability can also be used to...

CVE-2016-8710

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggere...

CVE-2016-9050

An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read resulting in disclosure of memory within the process, the same vulnerability can also be used to...

CVE-2016-8710

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggere...

CVE-2017-5377

A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash. This vulnerability affects Firefox 51...

SAP ASE ODATA Server 16 Denial Of Service Vulnerability

SAP ASE ODATA Server version 16 suffers from a denial of service vulnerability. Application: SAP ASE Versions Affected: SAP ASE ODATA Server v16 Vendor URL: http://SAP.com Bugs: Denial of Service Sent: 01.02.2016 Reported: 02.02.2016 Vendor response: 02.02.2016 Date of Public Advisory: 12.10.2016...

Oracle Patches 270 Vulnerabilities With First CPU of 2017

Oracle patched 270 vulnerabilities on Tuesday, many remotely exploitable, across 45 different products–including its E-Business Suite, Financial Services software, and MySQL database–as part of its quarterly Critical Patch Update CPU. The massive update comes close breaking Oracle’s record-settin...

CVE-2016-8318

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Encryption. Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

CVE-2016-8318

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Encryption. Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

TrueOnline ZyXEL / Billion Command Injection / Default Credentials

=============== Multiple vulnerabilities in TrueOnline / ZyXEL / Billion routers Discovered by Pedro Ribeiro [email protected], Agile Information Security ========================================================================== Disclosure: 26/12/2016 / Last updated: 12/01/2017 Summary: TrueOnlin...

Memory corruption

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing a malformed cross-reference table. Successful exploitation could lead to arbitrary code execution...

Memory corruption

Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a display list. Successful exploitation could lead to arbitrary code execution...

Memory corruption

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing tags in TIFF images. Successful exploitation could lead to arbitrary code execution...