8416 matches found
CVE-2016-5837
WordPress before 4.5.3 allows remote attackers to bypass intended access restrictions and remove a category attribute from a post via unspecified vectors...
(0Day) WECON LeviStudio BaseSet CurScrIdAddr Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of...
(0Day) WECON LeviStudio CommSet Port Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of...
(0Day) WECON LeviStudio HmiSet Style Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of...
(0Day) WECON LeviStudio BaseSet EnterTime Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of...
(0Day) WECON LeviStudio BaseSet HMINAME Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of...
(0Day) WECON LeviStudio HmiSet Type Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of...
(0Day) WECON LeviStudio BaseSet PowerEnterTime Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of...
(0Day) WECON LeviStudio PLC Type Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of...
(0Day) WECON LeviStudio BaseSet ScrIDWordAddr Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of...
Microsoft Internet Explorer 11 - Garbage Collector Attribute Type Confusion (MS16-063)
CVE-2016-0199 / MS16-063: MSIE 11 garbage collector attribute type confusion. This information is available in an easier to read...
A vulnerability in Dallas Lock, an information protection system against unauthorized access, allows an intruder to gain unauthorized access to information by circumventing the access control rules.
The vulnerability in the “Dallas Lock 8.0” information protection system driver lies in its lack of implementation of access control for attributes of file system objects. An attacker can access a file system object that is restricted according to access control rules, by using a special attribut...
Microsoft Internet Explorer 11 Garbage Collector Attribute Type Confusion
CVE-2016-0199 / MS16-063: MSIE 11 garbage collector attribute type confusion. This information is available in an easier to read format on my blog at http://blog.skylined.nl/. With MS16-063 Microsoft has patched...
libdwarf 'get_attr_value()' function denial of service vulnerability
libdwarf is a set of tools for reading and writing DWARF2 debugging information. A security vulnerability exists in the 'get_attr_value' function of libdwarf. An attacker can exploit this vulnerability to cause a denial of service (OOB read)...
IBM InfoSphere Streams Privilege Acquisition Vulnerability
IBM InfoSphere Streams is a data analytics platform. A security vulnerability in IBM InfoSphere Streams exists when the program sets the instance runAsUser attribute, which allows a local attacker to exploit the vulnerability to check permissions using the group ID of the root user...
DEBIAN-CVE-2016-1835
Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document...
Security Alert: stored XSS vulnerability in the WordPress forum plug-in bbPress affects all versions before the fixed version 2.5.9
Recently, Automattic, the parent company of WordPress, updated bbPress, the official WordPress forum plugin, to version 2.5.9, fixing a relatively high-threat stored XSS vulnerability. The affected scope includes existing bbPress versions, i.e., all versions before 2.5.9 will suffer...
Adobe Acrobat Pro DC listbox value Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...
Adobe Acrobat Pro DC fillColor Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...
OpenJDK: incorrect handling of surrogate pairs in XML attribute values (JAXP, 8143167)
It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed...