CVE-2017-0137

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An...

CVE-2017-0034

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability...

CVE-2017-0094

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An...

CVE-2017-0071

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An...

Cisco Meshed Wireless LAN Controller Impersonation Vulnerability

A vulnerability in the mesh code of Cisco Wireless LAN Controller WLC software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright...

CVE-2017-0070

CVE-2017-0134 (Microsoft Edge Scripting Engine) is a remote code execution vulnerability caused by memory corruption when handling objects in memory in the scripting engine. The issue allows a remote attacker to entice a user to open a crafted page, potentially gaining the same user rights as the...

CVE-2017-3854

The CVE-2017-3854 entry addresses a Cisco WLC mesh-impersonation vulnerability. Affected products run Cisco Wireless LAN Controller software in meshed mode (e.g., 8500/5500/2500 series, Flex 7500, vWLC, WiSM2). Root cause: insufficient authentication of the parent AP in a mesh configuration, enab...

Cisco Releases Security Updates

Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary...

Windows Uniscribe Remote Code Execution Vulnerability

A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accoun...

Windows Uniscribe Remote Code Execution Vulnerability

A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accoun...

Windows Uniscribe Remote Code Execution Vulnerability

A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accoun...

Adobe Releases Security Updates

Adobe has released security updates to address vulnerabilities in Adobe Flash Player and Shockwave Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletin...

Apache Software Foundation Releases Security Updates

The Apache Software Foundation has released security updates to address a vulnerability in Struts 2. A remote attacker could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the Apache Security Bulletin and upgrade to Struts 2.3.3...

Apple Releases Security Update

Apple has released a security update to address a vulnerability in Logic Pro X. Exploitation of this vulnerability may allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review the Apple security page for Logic Pro X and apply the necessary...

CVE-2014-8362

Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable and disable the alarm system and modify other security settings via the Web-enabled interface...

MS15-011: Vulnerability in Group Policy could allow remote code execution: February 10, 2015

MS15-011: Vulnerability in Group Policy could allow remote code execution: February 10, 2015 Summary This security update resolves a privately reported vulnerability in Microsoft Windows. A remote code execution vulnerability exists in how Group Policy receives and applies connection data when a...

Mozilla Releases Security Updates

Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 50.1 Firefox ESR 45.6 Users and administrators...

Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2016-12345)

Adobe Experience Manager is a free image reading and conversion tool from Adobe. A cross-site scripting vulnerability exists in Adobe Experience Manager, which can be exploited by an attacker to compromise system control...

Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2016-12344)

Adobe Experience Manager is a free image reading and conversion tool from Adobe. A cross-site scripting vulnerability exists in Adobe Experience Manager, which can be exploited by an attacker to compromise system control...

Windows Graphics Component Remote Code Execution Vulnerability

A remote code execution vulnerability exists due to the way the Windows Graphics Component handles objects in memory. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or creat...