Windows Uniscribe Remote Code Execution Vulnerability

A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accoun...

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

VMware Releases Security Updates

VMware has released security updates to address vulnerabilities in vSphere Data Protection. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review VMware Security Advisory VMSA-2017-0010 and...

Microsoft Malware Protection Engine Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...

Subtitle Hack Leaves 200 Million Vulnerable to Remote Code Execution

A proof of concept attack using malicious video subtitle files reveals how adversaries can execute remote code on PCs, Smart TVs and mobile devices using popular video players and services such as VLC Media Player, Kodi, Stremio and Popcorn Time. “This is a brand new attack vector. We haven’t see...

Juniper Networks NorthStar Controller Application Information Disclosure Vulnerability

Juniper Networks NorthStar Controller Application is a traffic planning controller from Juniper Networks, Inc. The controller optimizes service provider transport networks by establishing open industry standard protocols. An information disclosure vulnerability exists in Juniper Networks NorthSta...

Microsoft Edge Memory Corruption Vulnerability

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the...

Microsoft Releases May 2017 Security Updates

Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of a system. US-CERT encourages users and administrators to review Microsoft's May 2017 Security Update Summary and Deployment Information...

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in its IOS and IOS XE Software. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the Cisco Security Advisory and apply the necessary...

VMware Releases Security Updates

VMware has released security updates to address vulnerabilities in Unified Access Gateway, Horizon View, and Workstation. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review VMware Securit...

Microsoft .NET Framework Remote Code Execution Vulnerability (KB4014984)

This host is missing a critical security update according to Microsoft Security Updates KB4014984 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

Microsoft Releases April 2017 Security Updates

Microsoft has released 61 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of a system. This Security Update addresses a Microsoft Office vulnerability that is actively being exploited to spread...

Microsoft Outlook Remote Code Execution (CVE-2017-0199)

A remote code execution vulnerability exists in Microsoft Outlook. The vulnerability is due to the way that Microsoft Outlook parses specially crafted email messages. Successful exploitation of this vulnerability may result to take control of an affected system...

Microsoft Edge browser vulnerability, allowing a hacker to execute arbitrary code

The vulnerability of Microsoft Edge arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to cause memory corruption in such a way that they can execute arbitrary code within the context of the current user. A successful...

Multiple Trend Micro Product DLL Load Local Code Injection Vulnerabilities

Trend Micro Maximum Security and others are antivirus programs from Trend Micro. A local code injection vulnerability exists in multiple Trend Micro products. A local attacker can exploit this vulnerability to execute arbitrary code in the context of a system running in an affected program to gai...

Adobe Flash Player Within Google Chrome Security Update (APSB17-07) - Linux

Adobe Flash Player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:flashplayerchrome"...

CVE-2017-0138

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An...

CVE-2017-0034

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability...

Remote code execution

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An...

Remote code execution

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An...