Lucene search
K

144 matches found

CNVD
CNVD
added 2017/04/08 12:0 a.m.3 views

Apple iOS webkit memory corruption vulnerability (CNVD-2017-05607)

Apple iOS is an operating system for Apple smart devices. A memory corruption vulnerability exists in Webkit used by Apple iOS, which allows attackers to exploit the vulnerability to build malicious web pages that can be clicked on by users, which can crash the application or execute arbitrary co...

8.8CVSS7.2AI score0.01842EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2017/03/02 1:3 p.m.16 views

132 Google Play Apps Booted For Having Malicious IFrames

Google removed 132 apps infected with malicious iFrames from its Google Play store after security researchers discovered a development platform used to create the apps was infected with malware and in turn compromised the apps. Palo Alto Networks’ Unit 42 researchers said the apps were infected...

7.1AI score
Exploits0References3
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.97 views

MS15-080: Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: August 11, 2015

MS15-080: Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: August 11, 2015 View products that this article applies to. Summary This security update resolves vulnerabilities in the Microsoft .NET Framework and Microsoft Silverlight. These...

7.4AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.37 views

MS15-080: Description of the security update for the .NET Framework 3.5 on Windows 8 and Windows Server 2012: August 11, 2015

MS15-080: Description of the security update for the .NET Framework 3.5 on Windows 8 and Windows Server 2012: August 11, 2015 View products that this article applies to. Summary This security update resolves vulnerabilities in the Microsoft .NET Framework and Microsoft Silverlight. These...

7.4AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.53 views

MS14-036: Description of the security update for Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Vista, and Windows Server 2003: June 10, 2014

MS14-036: Description of the security update for Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Vista, and Windows Server 2003: June 10, 2014 Introduction This security update resolves vulnerabilities in Windows, Microsoft Office, and Microsoft Lync that could allow remote code...

7.6AI score
Exploits0
Packet Storm
Packet Storm
added 2016/10/21 12:0 a.m.81 views

MiCasa VeraLite Remote Code Execution

Exploit Title: MiCasa VeraLite Remote Code Execution Date: 10-20-2016 Software Link: http://getvera.com/controllers/veralite/ Exploit Author: Jacob Baines Contact: https://twitter.com/JuniorBaines CVE: CVE-2013-4863 & CVE-2016-6255 Platform: Hardware 1. Description A remote attacker can execute...

0.6AI score0.26818EPSS
Exploits10
Fedora
Fedora
added 2016/07/09 11:55 p.m.31 views

[SECURITY] Fedora 23 Update: gimp-2.8.16-2.fc23

GIMP GNU Image Manipulation Program is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for webpages. GIMP has many of the tools and filters you would exp ect to find in similar commercial offerings, and some interesting extras ...

7.8CVSS2.4AI score0.03113EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2016/04/12 7:0 a.m.71 views

MS16-039: Description of the security update for Skype for Business 2016: April 12, 2016

None None...

9.3CVSS7AI score0.43272EPSS
Exploits1
Microsoft KB
Microsoft KB
added 2016/03/08 12:0 a.m.37 views

MS16-024: Cumulative security update for Microsoft Edge: March 8, 2016

Resolves a vulnerability in Microsoft Edge that could allow remote code execution if a user views a specially crafted webpage in Microsoft Edge.SummaryThis security update resolves multiple vulnerabilities in Microsoft Edge. The most severe of these vulnerabilities could allow remote code executi...

7.6CVSS6.9AI score0.43643EPSS
Exploits1
n0where
n0where
added 2016/02/26 4:34 p.m.477 views

Linux Embedded Firmware Dynamic Analysis: FIRMADYNE

FIRMADYNE is an automated and scalable system for performing emulation and dynamic analysis of Linux-based embedded firmware. It includes the following components: modified kernels MIPS: v2.6.32 , ARM: v4.1 , v3.10 for instrumentation of firmware execution; a userspace NVRAM library to emulate a...

7.8AI score
Exploits0References17
Microsoft KB
Microsoft KB
added 2016/01/12 12:0 a.m.35 views

MS16-001: Cumulative Security Update for Internet Explorer: January 12, 2016

Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.SummaryThis security update resolves several reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code...

7.6CVSS7.1AI score0.28206EPSS
Exploits0
0day.today
0day.today
added 2015/11/25 12:0 a.m.92 views

Huawei HG253s V2 Information Disclosure Vulnerability

Huawei HG253s V2 suffers from a remote information disclosure vulnerability. Huawei HG253s v2 Vodafone-Spain is starting to rent a new Huawei HG253v2 router to the spanish costumers. This new router is coming with a new firmware version. This bug has been found by @VicenDominguez Vulnerability...

6.6AI score
Exploits0
Packet Storm
Packet Storm
added 2015/07/27 12:0 a.m.31 views

Hawkeye-G 3.0.1.4912 Cross Site Scripting / Information Leakage

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0725.txt Vendor: ================================ www.hexiscyber.com Product: ================================ Hawkeye-G v3.0.1.4912 Hawkeye G is an active defense...

7.4AI score
Exploits0
Symantec
Symantec
added 2015/07/14 12:0 a.m.69 views

Microsoft Internet Explorer CVE-2015-2425 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

9.3CVSS0.7AI score0.44851EPSS
Exploits0Affected Software3
OSV
OSV
added 2015/04/01 2:59 p.m.11 views

CVE-2015-0259

OpenStack Compute Nova before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage...

6.5AI score
Exploits0References5
OSV
OSV
added 2015/04/01 2:59 p.m.5 views

UBUNTU-CVE-2015-0259

OpenStack Compute Nova before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage...

5.1CVSS5.8AI score0.01068EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2015/04/01 2:0 p.m.91 views

CVE-2015-0259

OpenStack Compute Nova before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage...

5.1CVSS6.4AI score0.01068EPSS
Exploits0
Drupal
Drupal
added 2015/03/25 12:0 a.m.15 views

Crumbs - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-082

This module enables you to add navigation to your webpages colloquially referred to as "breadcrumbs". The module doesn't sufficiently sanitize custom HTML separators for breadcrumbs, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacke...

2.1CVSS5.9AI score0.00949EPSS
Exploits0References10
Symantec
Symantec
added 2015/02/10 12:0 a.m.25 views

Microsoft Internet Explorer CVE-2015-0042 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

9.3CVSS0.1AI score0.19101EPSS
Exploits0Affected Software10
Symantec
Symantec
added 2014/09/09 12:0 a.m.20 views

Microsoft Internet Explorer CVE-2014-4091 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

9.3CVSS0.9AI score0.15993EPSS
Exploits0Affected Software1
Rows per page
Query Builder