Cisco WebEx Cross-Site Scripting Vulnerability (CNVD-2018-11321)

Cisco WebEx is the United States Cisco Cisco company's set of Web conferencing tools, the tool can assist off-site office workers to coordinate and collaborate.WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging IM. A cross-site scripting...

Trend Micro Email Encryption Gateway Arbitrary Command Execution Vulnerability

Trend Micro Email Encryption is a suite of identity-based email encryption solutions from Trend Micro, Inc. The Trend Micro Email Encryption Gateway TMEEG is one of the gateway products that provides data protection. An arbitrary command execution vulnerability exists in Trend Micro Email...

CVE-2017-5132

Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation...

CVE-2017-2722

DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02, V100R011C03,eCNS210TD with software V100R004C10,eSpace 7950 with software V200R003C00 and...

Panasonic Home Unit KX-HJB1000 SQL Injection Vulnerability

The Panasonic KX-HJB1000 Home unit devices is a webcam from Panasonic Japan. A SQL injection vulnerability exists in Home unit KX-HJB1000. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...

Joomla! cross-site scripting vulnerability (CNVD-2017-26330)

Joomla! is the U.S. Open Source Matters team of a set of PHP and MySQL development using open source , cross-platform content management system CMS. A cross-site scripting vulnerability exists in versions of Joomla! prior to 3.7.4. The vulnerability stems from the program's failure to adequately...

Adobe Flash Player Memory Corruption (APSB17-10: CVE-2017-3064)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

CVE-2017-5023

Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page...

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.

The vulnerability of the V8 component in Google Chrome browsers arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause a service failure through a specially created HTML page...

PHP 5.6.x < 5.6.22 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.22. It is, therefore, affected by multiple vulnerabilities : - An out-of-bounds read error exists in the gdContributionsCalc function within file ext/gd/libgd/gdinterpolation.c. An unauthenticated,...

Adobe Flash Player Heap Buffer Overflow (APSB15-32: CVE-2015-8446)

A heap buffer overflow vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

Adobe Flash Player Same Origin Policy Bypass (APSB15-16: CVE-2015-3116; CVE-2015-3115)

A security bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

IBM Security QRadar Incident Forensics Cross-Site Scripting Vulnerability

IBM Security QRadar Incident Forensics is a suite of security forensic investigation software. A cross-site scripting vulnerability in IBM Security QRadar Incident Forensics allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to gain...

Adobe Flash Player Memory Corruption (APSB15-06: CVE-2015-0355)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted MPEG-2 TS file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted MPEG-2 TS file...

Adobe Flash Player Memory Corruption (APSB15-06: CVE-2015-0352)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted MP4 file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted MP4 file...

Adobe Flash Player Buffer Overflow (APSB15-04: CVE-2015-0324)

A heap buffer overflow vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a buffer overflow while handling specially crafted SWF files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

MGASA-2014-0465 Updated srtp package fixes security vulnerability

Fernando Russ from Groundworks Technologies reported a buffer overflow flaw in srtp, Cisco's reference implementation of the Secure Real-time Transport Protocol SRTP, in how the cryptopolicysetfromprofileforrtp function applies cryptographic profiles to an srtppolicy. A remote attacker could...

Digium Asterisk File Descriptor Invalid Headers Syntax Denial of Service (CVE-2014-2287)

A denial of service condition has been reported in Digium Asterisk. The vulnerability is due to file descriptor exhaustion from a large number of invalid SIP INVITE requests. A remote attacker can exploit this vulnerability to cause a denial of service condition...

Adobe Flash Player Same Origin Security Bypass (APSB14-08; CVE-2014-0503)

A security bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in the way Adobe Flash Player handles URLs within HTML files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted HTML file...

Adobe Flash Player Memory Corruption (APSB13-26; CVE-2013-5330)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing specially crafted SWF files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...