Microsoft .NET Framework Elevation of Privilege Vulnerability (CNVD-2015-05325)

Microsoft .NET Framework is a comprehensive and consistent programming model developed by Microsoft Corporation USA and a development platform for building Windows, Windows Store, Windows Phone, Windows Server and Microsoft Azure Windows Store, Windows Phone, Windows Server, and Microsoft Azure...

Microsoft Windows OpenType Font Remote Code Execution Vulnerability (CNVD-2015-05364)

Microsoft Windows is a series of operating systems released by the American company Microsoft. A font remote code execution vulnerability exists in Microsoft Windows OpenType, which can be exploited by an attacker to take full control of an affected system...

Microsoft Windows OpenType Font Remote Code Execution Vulnerability (CNVD-2015-05365)

Microsoft Windows is a series of operating systems released by the American company Microsoft. A font remote code execution vulnerability exists in Microsoft Windows OpenType, which can be exploited by an attacker to take full control of an affected system...

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Firefox OS

The Mozilla Foundation has released security updates to address critical vulnerabilities in Firefox, Firefox ESR, and Firefox OS. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 40 Firefox ESR 38.2...

Adobe Flash Player Type Confusion (APSB15-16: CVE-2015-3122)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a type confusion condition while handling a malformed SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file. Successful...

Finecms v1.9.3 Arbitrary File Upload Vulnerability

FineCMS is a small and medium-sized content management system based on PHP+MySql+CI framework. An upload vulnerability exists in finecms 1.9.3, which allows attackers to upload a php-type webshell, which in turn controls the entire system...

Microsoft released an emergency update: serious remote code execution vulnerability, affecting all versions of Windows-vulnerability warning-the black bar safety net

! Microsoft today released an emergency update that fixes the relates to all versions of Windows in high-risk remote code execution vulnerability. Whether you are using what version of Windows System, we recommend that you have to update it-this one high-risk vulnerability could allow an attacker...

Microsoft Windows OpenType Font Driver Remote Code Execution Vulnerability

Windows is an operating system developed by Microsoft Corporation. A remote code execution vulnerability exists within Windows when OpenType fonts constructed by the Windows Adobe Type Manager Library are handled incorrectly, successful exploitation of this vulnerability could allow an attacker t...

MGASA-2015-0275 Updated flash-player-plugin package fixes security vulnerabilities

Adobe Flash Player 11.2.202.491 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. Adobe is aware of reports that exploits targeting these vulnerabilities have been published publicly. This...

Microsoft SQL Server CVE-2015-1762 Remote Code Execution Vulnerability

Description Microsoft SQL Server is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed exploit attempts may result in a denial-of-service condition; this can result in the attacker gaining...

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. Exploitation of one of these vulnerabilities may allow an attacker to take control of an affected system. Available updates include: Firefox 39 Firefox ESR 38.1 Thunderbird 38.1 US-CERT...

Linux glibc 缓冲区溢出 (幽灵(Ghost))

近日国外安全研究人员披露一个在 Linux Glibc 库上发现的严重的安全问题，它可以让攻击者在本地或者远程获取操作系统的控制权限，编号为CVE-2015-0235，命名为幽灵（GHOST）漏洞。什么是GHOST?为什么命名为GHOST？漏洞最早起源于:The first vulnerable version of the GNU C Library is glibc-2.2, released on November 10, 2000.“During a code audit performed internally at Qualys, we discovered a buffer...

Adobe Photoshop CC Multiple Vulnerabilities - Windows

Adobe Photoshop CC is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates for Adobe Photoshop Creative Cloud CC and Bridge CC to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe...

APSB15-12 Security update available for Adobe Photoshop CC

Adobe has released an update for Photoshop CC for Windows and Macintosh. This update addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system...

The vulnerability of the Flash Player software allows a perpetrator to trigger a service failure or gain control over the system.

The vulnerability of the Flash Player software allows a remote attacker to cause a service failure or gain control over the system...

CUPS Localized String Elevation of Privilege Vulnerability

CUPS is a universal Unix printing system , is a cross-platform printing solution for the Unix environment , based on the Internet Printing Protocol , to provide most of the PostScript and raster printer services. CUPS has a security vulnerability that allows remote users to send special localized...

XDB buffer overflow vulnerability turned out to be subversive of the entire database? - Vulnerability warning-the black bar safety net

This article will show you a hacked database approach, hoping to arouse the vigilance. Want to know hacking the database of the method of the first to delve into hacking the database of the object. After an investigation found the hacker the intruder the intrusion database the ultimate goal of...

Microsoft Windows File and Directory Name Command Injection (MS12-048) - Ver2 (CVE-2012-0175)

A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way Windows handles specially crafted file and directory names. A remote attacker can exploit this issue by enticing a user to open a file or a directory with a specially...

Adobe Releases Security Updates for Flash Player, Reader, and Acrobat

Adobe has released security updates to address multiple vulnerabilities in Flash Player, Reader, and Acrobat. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins...