86 matches found
Cisco IOS XR 5.1.x < 5.1.3 / 5.2.x < 5.2.4 / 5.3.x < 5.3.2 Fragmented Packet DoS (cisco-sa-20160810-iosxr)
The remote Cisco device is running a version of Cisco IOS XR that is 5.1.x prior to 5.1.3, 5.2.x prior to 5.2.4, or 5.3.x prior to 5.3.2. It is, therefore, affected by a denial of service vulnerability in the driver processing functions due to improper processing of fragmented packets. An...
The vulnerability of the WebSphere Application Server software allows a malicious intruder to compromise the confidentiality of protected information.
The vulnerability in Proxy and ODR servers of IBM WebSphere Application Server allows a malicious actor in the network to access confidential information. This vulnerability is related to the improper processing of requests...
Cisco IOS XE Software Overlay Transport Virtualization (OTV) DoS
The remote Cisco device is affected by a denial of service vulnerability due to improper processing of oversized Overlay Transport Virtualization (OTV) frames. An unauthenticated, adjacent attacker can exploit this by sending a large number of oversized OTV frames requiring fragmentation and...
Microsoft Windows EMF Handling Remote Code Execution Vulnerability
Windows is a windowed operating system developed by Microsoft Corporation in the U.S. EMF is a Windows vector graphics file format. Microsoft Windows has a security vulnerability in EMF handling because Windows fails to properly handle certain constructs of EMF graphics format files. The vulnerability allows an...
Cisco IOS XE Common Flow Table DoS
The Cisco IOS XE software running on the remote device is affected by a denial of service vulnerability in the Common Flow Table (CFT) feature due to improper processing of IPv6 packets encapsulated inside IPv4 UDP packets. An unauthenticated, remote attacker, using malformed packets, can exploit...
Apple Quicktime MJPEG Frame stsd Atom Heap Overflow - Ver2 (CVE-2013-1020)
A buffer overflow vulnerability has been reported in Apple Quicktime. The vulnerability is due to improper processing of MJPEG movies with an improper JPEG frame size in the stsd atom. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the...
OpenSSL < 0.9.8zf / 1.0.0r / 1.0.1m / 1.0.2a Multiple Vulnerabilities
IBM Rational ClearQuest 7.1.1.x < 7.1.1.4 / 7.1.2.x < 7.1.2.1 Multiple Vulnerabilities (credentialed check)
The remote host is running a version of IBM Rational ClearQuest 7.1.1.x prior to 7.1.1.4 / 7.1.2.x prior to 7.1.2.1. It is, therefore, affected by the following vulnerabilities: - An information disclosure vulnerability exists in the Dojo Toolkit that allows a remote attacker to read...
Cisco IOS Shell Denial of Service Vulnerability
A vulnerability in the Cisco IOS Shell could allow an authenticated, but unprivileged, local user to crash the device. The vulnerability is due to improper processing of IOS Shell commands. An attacker could repeatedly exploit this vulnerability to cause an extended denial of service. Cisco has...
Cisco Identity Services Engine Periodic Backup Password Disclosure Vulnerability
A vulnerability in the periodic backup functionality of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to discover the password used to encrypt the backup on the system. The vulnerability is due to improper processing of certain client requests by the affected...
Microsoft Windows SChannel Buffer Overflow (MS14-066; CVE-2014-6321)
A remote code execution vulnerability exists in Microsoft SChannel. The vulnerability is due to improper processing of specially crafted packets that leads to a buffer overflow. A remote, unauthenticated attacker can exploit this vulnerability by sending specially crafted packets to the target...
Microsoft Windows SChannel Denial Of Service (MS14-066; CVE-2014-6321)
A denial of service vulnerability exists in Microsoft SChannel. The vulnerability is due to improper processing of specially crafted packets that leads to a denial of service. A remote, unauthenticated attacker can exploit this vulnerability by sending specially crafted packets to the target...
Memory corruption
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site that triggers improper processing of CElement objects, aka "Internet Explorer Memory Corruption Vulnerability," a...
Cisco IOS XE Software PPPoE Denial of Service Vulnerability
A vulnerability in the PPP over Ethernet (PPPoE) processing code of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of the affected device, which could lead to a denial of service (DoS) condition. The vulnerability is due to improper processing of certain...
Cisco TelePresence Video Communication Server Policy Services Security Bypass Vulnerability
Cisco TelePresence Video Communication Server (VCS) contains a vulnerability that could allow an unauthenticated, remote attacker to bypass security restrictions on a targeted system. The vulnerability is due to improper processing of certain search rules processed by the affected software. An...
JVN#18397171: FeedDemon vulnerable to arbitrary script execution
FeedDemon is an RSS/Atom feed reader. FeedDemon is vulnerable to arbitrary script execution due to improper processing during HTML page output based on feed information when using the "feed preview" option. Impact: An arbitrary script embedded in an RSS/Atom feed may be executed on the user's...
JVN#99203127: Sage vulnerable to arbitrary script execution
Sage is an add-on for Mozilla Firefox that adds an RSS/Atom feed reader. Sage is vulnerable to arbitrary script execution due to improper processing during HTML page output based on feed information. Impact: An arbitrary script embedded in an RSS/Atom feed may be executed on the user's Mozilla...
CVE-2010-1450
Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function...
Buffer overflow
Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function...