CVE-2016-3354

The Graphics Device Interface GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to bypass the ASLR protection mechanism via a crafted...

CVE-2016-0137

The Click-to-Run C2R implementation in Microsoft Office 2013 SP1 and 2016 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Microsoft APP-V ASLR Bypass."...

Microsoft Windows GDI Information Disclosure Vulnerability

Microsoft Windows is a family of operating systems released by Microsoft Corporation in the United States. Graphics Device Interface GDI is one of the graphics device interface components. An information disclosure vulnerability exists in the Graphics Device Interface in Microsoft Windows that...

Security update for the Linux Kernel (important)

The openSUSE 13.1 kernel was updated to 3.12.62 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2014-9904: The sndcompresscheckinput function in sound/core/compressoffload.c in the ALSA subsystem in the Linux kernel did not properly check for an integer...

Address Sanitizer in macOS-vulnerability warning-the black bar safety net

A few days ago, the Keen Team@marcograss on their blog released a using Address Sanitizeraka asan found a heap overflow vulnerability. Discuss here about asan implementation. This article relates to the environment macOS 10.11.6 Xcode 7.3.1 make sure to use the official Apple's clang, with the op...

Apple OS X Audio Out-of-Bounds Read Vulnerability

Apple OS X is a specialized operating system developed by Apple for Mac computers.Audio is one of the audio components. A security vulnerability exists in Audio in Apple OS X versions prior to 10.11.6. A local attacker could exploit this vulnerability to obtain sensitive kernel memory-layout...

CVE-2016-4648

Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service out-of-bounds read via unspecified vectors...

CVE-2016-4648

Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service out-of-bounds read via unspecified vectors...

Out-of-bounds

Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service out-of-bounds read via unspecified vectors...

HarfBuzz Denial of Service Vulnerability

HarfBuzz is a text engine for OpenType fonts. A security vulnerability exists in the hb-ot-layout-gpos-table.hh file in HarfBuzz 1.0.4 and earlier versions. A remote attacker can exploit this vulnerability to cause a denial of service with specially crafted data...

WordPress Page Layout Builder Plugin <= 1.9.3 - Reflected XSS

This plugin is prone to a cross site scripting vulnerability. Solution Update the plugin...

ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

Microsoft Edge Security Feature Bypass Vulnerability (CNVD-2016-04787)

Microsoft Edge is a web browser developed by Microsoft USA and is the default browser that comes with the Windows 10 operating system. A security bypass vulnerability exists in Microsoft Edge that originates from a program incorrectly implementing Address Space Layout Randomization ASLR. A remote...

MS16-085: Cumulative Security Update for Microsoft Edge (3169999)

The version of Microsoft Edge installed on the remote Windows host is missing Cumulative Security Update 3169999. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists due to a failure to properly implement Address Space Layout Randomization ASL...

Vulnerability of Adobe AIR software, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information

Vulnerability exists in Adobe AIR due to the possibility of accessing information related to memory addresses. Exploiting this vulnerability allows an attacker to bypass the ASLR Address Space Layout Randomization protection mechanism...

Vulnerability of Adobe AIR software, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information

Vulnerability exists in Adobe AIR due to the possibility of accessing information related to memory addresses. Exploiting this vulnerability allows an attacker to bypass the ASLR Address Space Layout Randomization protection mechanism...

The vulnerability of Adobe Pepper Flash software for Google Chrome allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability exists in Adobe Pepper Flash for Google Chrome, due to the possibility of accessing information related to memory addresses. Exploiting this vulnerability allows an attacker to bypass the ASLR Address Space Layout Randomization protection mechanism...

The vulnerability of the Flash Player software allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability exists in the Adobe Flash Player due to the possibility of accessing information related to memory addresses. Exploiting this vulnerability allows an attacker to bypass the ASLR Address Space Layout Randomization protection mechanism...

The vulnerability of the Flash Player software allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability exists in the Adobe Flash Player due to the possibility of accessing information related to memory addresses. Exploiting this vulnerability allows attackers to bypass the ASLR Address Space Layout Randomization protection mechanism...

Vulnerability of Adobe AIR software, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information

Vulnerability exists in Adobe AIR due to the possibility of accessing information related to memory addresses. Exploiting this vulnerability allows an attacker to bypass the ASLR Address Space Layout Randomization protection mechanism...