1332 matches found
Code injection
WebKit in Apple iOS before 9.3.3 and tvOS before 9.2.2 allows remote attackers to obtain sensitive information from uninitialized process memory via a crafted web site...
CVE-2016-4587
CVE-2016-4587 affects WebKit in Apple iOS versions before 9.3.3 and tvOS versions before 9.2.2. The described flaw enables remote attackers to obtain sensitive information from uninitialized process memory when visiting a crafted website. The issue is categorized as an information-disclosure vuln...
Adobe Flash Player Information Disclosure Vulnerability (CNVD-2016-04899)
Adobe Flash Player is a cross-platform, browser-based multimedia player product from Adobe. The product supports cross-screen and browser viewing of applications, content and videos. An information disclosure vulnerability exists in Adobe Flash Player. An attacker can exploit this vulnerability t...
CVE-2016-4232
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors...
CVE-2016-4232
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors...
CVE-2016-4232
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors...
CVE-2016-4232
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors...
Information disclosure
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors...
CVE-2016-3271
The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."...
Information disclosure
The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."...
CVE-2016-4232
CVE-2016-4232 is a memory leak in Adobe Flash Player affecting Windows/macOS (Flash Player before 18.0.0.366 and 19.x–22.x before 22.0.0.209) and Linux (before 11.2.202.632). The issue allows attackers to obtain sensitive information from process memory via unspecified vectors; exploitation was o...
Microsoft Scripting Engine Information Disclosure Vulnerability
Microsoft Edge is a web browser developed by Microsoft and is the default browser that comes with the Windows 10 operating system.VBScript or Visual Basic Script is one of the scripting languages and is the default programming language for ASP dynamic web pages. An information disclosure...
PT-2016-2390 · Adobe +3 · Flash Player +3
Name of the Vulnerable Software and Affected Versions: Adobe Flash Player affected versions not specified Description: The issue is related to a lack of protection for internal data in the Flash Player platform. This could allow a remote attacker to obtain confidential information from the proces...
Vulnerability of the Word Viewer program for reading DOC files; Microsoft SharePoint Server corporate application suite; Microsoft Office Web Apps software suite; Microsoft Office Compatibility Pack compatibility suite; Microsoft Word text editor; Microsoft Office software suite, which allows a perpetrator to obtain confidential information from process memory.
The vulnerability in the Word Viewer, a component of the Microsoft SharePoint Server corporate application suite, as well as the Microsoft Office Web Apps and Microsoft Office Compatibility Pack, affects text editors like Microsoft Word. These vulnerabilities stem from a lack of protection for...
Linux Kernel - ecryptfs proc$pidenviron Local Privilege Escalation
Linux Kernel - ecryptfs proc$pidenviron Local Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=836 Stacking filesystems, including ecryptfs, protect themselves against deep nesting, which would lead to kernel stack overflow, by tracking the recursion depth of...
CVE-2016-3234
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers...
Information disclosure
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers...
Information disclosure
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3201...
Information disclosure
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability," a different vulnerability than...
CVE-2016-3234
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers...