1329 matches found
CVE-2016-7420
Crypto++ aka cryptopp through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory...
Design/Logic Flaw
Crypto++ aka cryptopp through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory...
CVE-2016-7420
Crypto++ aka cryptopp through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory...
CVE-2016-7420
Crypto++ aka cryptopp through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory...
CVE-2016-7420
Crypto++ aka cryptopp through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory...
CVE-2016-7128
The exifprocessIFDinTIFF function in ext/exif/exif.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles the case of a thumbnail offset that exceeds the file size, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image...
CVE-2016-7128
The exifprocessIFDinTIFF function in ext/exif/exif.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles the case of a thumbnail offset that exceeds the file size, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image...
TeamViewer 11.0.65452 (x64) - Local Credentials Disclosure
Exploit for windows platform in category local exploits TeamViewer 11.0.65452 64 bit Local Credentials Disclosure Tested on Windows 7 64bit, English Vendor Homepage @ https://www.teamviewer.com/ Date 07/09/2016 Bug Discovered by Alexander Korznikov https://www.linkedin.com/in/nopernik...
Navicat Premium 11.2.11 (x64) - Local Database Password Disclosure
Navicat Premium 11.2.11 x64 - Local Database Password Disclosure Navicat Premium 11.2.11 64bit Local Password Disclosure Tested on Windows Windows Server 2012 R2 64bit, English Vendor Homepage @ https://www.navicat.com/ Date 05/09/2016 Bug Discovered by Yakir Wizman...
FortiClient SSLVPN 5.4 - Credentials Disclosure
''' Title : Extracting clear text passwords from running processesFortiClient CVE-ID : none Product : FortiClient SSLVPN Service : FortiTray.exe Affected : =5.4 Impact : Critical Remote : No Website link : http://forticlient.com/ Reported : 31/08/2016 Authors : Viktor Minin https://1-33-7.com...
FortiClient SSLVPN 5.4 - Credentials Disclosure
FortiClient SSLVPN 5.4 - Credentials Disclosure ''' Title : Extracting clear text passwords from running processesFortiClient CVE-ID : none Product : FortiClient SSLVPN Service : FortiTray.exe Affected : =5.4 Impact : Critical Remote : No Website link : http://forticlient.com/ Reported : 31/08/20...
FortiClient SSL-VPN 5.4 Clear Text Password Extraction
Title : Extracting clear text passwords from running processesFortiClient CVE-ID : none Product : FortiClient SSLVPN Service : FortiTray.exe Affected : =5.4 Impact : Critical Remote : No Website link : http://forticlient.com/ Reported : 31/08/2016 Authors : Viktor Minin https://1-33-7.com Alexand...
FortiClient SSLVPN 5.4 - Credentials Disclosure
Exploit for windows platform in category local exploits ''' Title : Extracting clear text passwords from running processesFortiClient CVE-ID : none Product : FortiClient SSLVPN Service : FortiTray.exe Affected : =5.4 Impact : Critical Remote : No Website link : http://forticlient.com/ Reported :...
Design/Logic Flaw
sapi/fpm/fpm/fpmlog.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 misinterprets the semantics of the snprintf return value, which allows attackers to obtain sensitive information from process memory or cause a denial of service out-of-bounds read and buffer overflow via a long...
openSUSE: Security Advisory for dropbear (openSUSE-SU-2016:1917-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : dropbear (openSUSE-2016-918)
This update for dropbear fixes four security issues bnc990363 : - A format string injection vulnerability allowed remotes attacker to run arbitrary code as root if specific usernames including '%' symbols could be created on the target system. If a dbclient user can control usernames or host...
CVE-2016-4587
WebKit in Apple iOS before 9.3.3 and tvOS before 9.2.2 allows remote attackers to obtain sensitive information from uninitialized process memory via a crafted web site...
Code injection
WebKit in Apple iOS before 9.3.3 and tvOS before 9.2.2 allows remote attackers to obtain sensitive information from uninitialized process memory via a crafted web site...
CVE-2016-4587
CVE-2016-4587 affects WebKit in Apple iOS versions before 9.3.3 and tvOS versions before 9.2.2. The described flaw enables remote attackers to obtain sensitive information from uninitialized process memory when visiting a crafted website. The issue is categorized as an information-disclosure vuln...
Adobe Flash Player Information Disclosure Vulnerability (CNVD-2016-04899)
Adobe Flash Player is a cross-platform, browser-based multimedia player product from Adobe. The product supports cross-screen and browser viewing of applications, content and videos. An information disclosure vulnerability exists in Adobe Flash Player. An attacker can exploit this vulnerability t...