8202 matches found
Low: Red Hat Security Advisory: libunwind security update
Updated libunwind packages that fix a security flaw are now available for Red Hat Enterprise Linux OpenStack Platform 6.0. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
EMC Documentum Content Server: arbitrary code execution (incomplete fix in CVE-2015-4532)
Product: EMC Documentum Content Server Vendor: EMC Version: ANY CVE: N/A Risk: High Status: public/not fixed For detailed description see http://seclists.org/bugtraq/2015/Jul/51 New behavior introduced in CVE-2015-4532: API ?,c,execute domethod WITH METHOD='dmbptransition', ARGUMENTS=' repo repo...
Google Chrome < 44.0.2403.155 Multiple Vulnerabilities (Mac OS X)
The version of Google Chrome installed on the remote Mac OS X host is prior to 44.0.2403.155. It is, therefore, affected by multiple vulnerabilities : - Multiple type confusion errors exist that allow an attacker to execute arbitrary code. CVE-2015-5554, CVE-2015-5555, CVE-2015-5558, CVE-2015-556...
WordPress WP Symposium Plugin 15.1 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin wp-symposium Unauthenticated SQL Injection Vulnerability Date: 2015-07-30 Exploit Author: PizzaHatHacker Vendor Homepage: http://www.wpsymposium.com/ Version: ? = version = 15.5.1 Tested on: Apache / WordPress...
Three bypasses and a fix for one of Flash's Vector.<*> mitigations
Posted by Chris Evans, Cookie Monster With the release of Flash 18.0.0.209, two mitigations were introduced to combat abuse of Vector corruptions -- we covered these in a previous blog post. Flash 18.0.0.232 has just been released and it includes a change to the way one of the mitigations is...
EMC Documentum Content Server Code Execution Vulnerability
EMC Documentum Content Server suffers from an arbitrary code execution vulnerability. Product: EMC Documentum Content Server Vendor: EMC Version: ANY CVE: N/A Risk: High Status: public/not fixed For detailed description see http://seclists.org/bugtraq/2015/Jul/51 New behavior introduced in...
EMC Documentum Content Server Code Execution
Product: EMC Documentum Content Server Vendor: EMC Version: ANY CVE: N/A Risk: High Status: public/not fixed For detailed description see http://seclists.org/bugtraq/2015/Jul/51 New behavior introduced in CVE-2015-4532: API ?,c,execute domethod WITH METHOD='dmbptransition', ARGUMENTS=' repo repo...
Adobe Air Multiple Vulnerabilities-01 (Aug 2015) - Mac OS X
Adobe Air is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:adobeair"; ifdescription...
UBUNTU-CVE-2015-5125
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service vector-length corruption or possibly have unspecifie...
CVE-2015-5125
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service vector-length corruption or possibly have unspecifie...
CVE-2015-5125
CVE-2015-5125 affects Adobe Flash Player (Windows/OS X) prior to 18.0.0.232 and Adobe Flash Player for Linux prior to 11.2.202.508, as well as Adobe AIR prior to 18.0.0.199 (and AIR SDK/SDK & Compiler before 18.0.0.199). Root cause is a vector-length corruption that could cause a denial of servic...
Memory Corruption Vulnerability in Multiple Adobe Products
Adobe Flash Player, Adobe AIR SDK, and Adobe AIR SDK & Compiler are products of Adobe, Incorporated.Adobe Flash Player is a multimedia player; Adobe AIR SDK and Adobe AIR SDK & Compiler are standard development kits for Adobe AIR a cross-OS runtime environment. Adobe Flash Player is a multimedia...
MS KB3087916: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
The remote Windows host is missing KB3087916. It is, therefore, affected by multiple remote code execution vulnerabilities : - Multiple type confusion errors exist that allow an attacker to execute arbitrary code. CVE-2015-5554, CVE-2015-5555, CVE-2015-5558, CVE-2015-5562 - An unspecified...
Adobe Flash Player <= 18.0.0.209 Multiple Vulnerabilities (APSB15-19)
The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 18.0.0.209. It is, therefore, affected by the following vulnerabilities : - Multiple type confusion errors exist that allow an attacker to execute arbitrary code. CVE-2015-5554, CVE-2015-5555,...
Design/Logic Flaw
The 1 piperead and 2 pipewrite implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed copytouserinatomic and copyfromuserinatomic calls, which allows local users to cause a denial of service system crash or possibly gain privileges via a...
DEBIAN-CVE-2015-1805
The 1 piperead and 2 pipewrite implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed copytouserinatomic and copyfromuserinatomic calls, which allows local users to cause a denial of service system crash or possibly gain privileges via a...
CVE-2015-1805
The 1 piperead and 2 pipewrite implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed copytouserinatomic and copyfromuserinatomic calls, which allows local users to cause a denial of service system crash or possibly gain privileges via a...
CVE-2015-1805
The 1 piperead and 2 pipewrite implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed copytouserinatomic and copyfromuserinatomic calls, which allows local users to cause a denial of service system crash or possibly gain privileges via a...
EUVD-2015-1930
The 1 piperead and 2 pipewrite implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed copytouserinatomic and copyfromuserinatomic calls, which allows local users to cause a denial of service system crash or possibly gain privileges via a...
CVE-2015-1805
The 1 piperead and 2 pipewrite implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed copytouserinatomic and copyfromuserinatomic calls, which allows local users to cause a denial of service system crash or possibly gain privileges via a...