CVE-2017-11305

A regression affecting Adobe Flash Player version 27.0.0.187 and earlier versions causes the unintended reset of the global settings preference file when a user clears browser data...

Information disclosure

A regression affecting Adobe Flash Player version 27.0.0.187 and earlier versions causes the unintended reset of the global settings preference file when a user clears browser data...

UBUNTU-CVE-2017-11305

A regression affecting Adobe Flash Player version 27.0.0.187 and earlier versions causes the unintended reset of the global settings preference file when a user clears browser data...

CVE-2017-11305

The CVE-2017-11305 entry refers to a regression in Adobe Flash Player up to version 27.0.0.187 that causes the unintended reset of the global settings preference file when a user clears browser data. Connected sources confirm this regression affecting Flash Player and document affected releases (...

CVE-2017-11305

A regression affecting Adobe Flash Player version 27.0.0.187 and earlier versions causes the unintended reset of the global settings preference file when a user clears browser data...

KLA11157 A regression in Adobe Flash Player

A regression in Adobe Flash Player can lead to the unintended reset of the global settings preference file when a user clears browser data. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, install latest updates from Control Panel Original...

PT-2017-11908 · Adobe +2 · Flash Player +2

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions prior to 27.0.0.187 Description: A regression in Adobe Flash Player causes the unintended reset of the global settings preference file when a user clears browser data. This issue allows attackers to affect the...

Cisco WebEx Meeting Center Cross-Site Scripting Vulnerability (CNVD-2017-36128)

Cisco WebEx Meeting Center is a set of WebEx meeting solutions in the United States Cisco Cisco company's network of online meeting products. The product invites others to join the meeting via e-mail or instant messaging IM, and supports online product demonstrations, information sharing, and mor...

Android commercial spyware

There's certainly no shortage of commercial spying apps for Android, with most positioned as parental control tools. In reality, however, these apps barely differ from spyware, with the exception perhaps of the installation method. There's no need to even resort to Tor Browser or other darknet...

Cisco Registered Envelope Service Cross-Site Scripting Vulnerability

Cisco Registered Envelope Service is a set of mail service solutions from Cisco USA. The product includes read receipts for mail, mail recycling, mail forwarding and reply functions, and provides smartphone support. A cross-site scripting vulnerability exists in Cisco Registered Envelope Service,...

Management Console Cross-Site Scripting Vulnerability in Multiple WSO2 Products

WSO2 Application Server is a set of cloud-based application server software.WSO2 Business Process Server is a set of business process server software.Management Console is one of the management console programs. Management Console is one of the management console programs. A cross-site scripting...

Cisco WebEx Meetings Server Cross-Site Scripting Vulnerability (CNVD-2017-32122)

Cisco WebEx Meetings Server CWMS is the United States Cisco Cisco WebEx meeting program in a set of multifunctional meeting solutions that include audio, video and Web conferencing. A cross-site scripting vulnerability exists in CWMS that stems from the program failing to adequately perform input...

CVE-2017-12288

A vulnerability in the web-based management interface of Cisco Unified Contact Center Express could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of an affected device. The vulnerability is due to insufficient validation of user-supplied inp...

CVE-2017-12248

A vulnerability in the web framework code of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation...

Cisco Elastic Services Controller Cross-Site Scripting Vulnerability

Cisco Elastic Services Controller ESC is an open source modular system from Cisco USA. A cross-site scripting vulnerability exists in the Web framework in Cisco ESC, which stems from the program failing to adequately validate user-submitted input. A remote attacker could exploit this vulnerabilit...

Cisco Adaptive Security Appliance Cross-Site Scripting Vulnerability (CNVD-2017-20381)

Cisco Adaptive Security Appliance ASA, Adaptive Security Appliance is a set of firewall appliances from the American company Cisco Cisco. The appliance also includes IPS Intrusion Prevention System, SSL VPN, IPSec VPN, anti-spam, and more. A cross-site scripting vulnerability exists in the...

CVE-2016-9697

An unspecified vulnerability in IBM Rhapsody DM 4.0, 5.0, and 6.0 could allow an attacker to perform a JSON Hijacking Attack. A JSON Hijacking Attack may expose to an attacker information passed between the server and the browser. IBM Reference : 1999960...

IBM Rational Rhapsody Design Manager Information Disclosure Vulnerability

IBM Rational Rhapsody Design Manager is a suite of collaborative design management software from IBM. The software supports the use of centralized system repositories with Web-based access to store, share, search, and manage design models as well as automated software design reviews. A security...

IBM Security Guardium Database Activity Monitor Information Disclosure Vulnerability (CNVD-2016-03906)

IBM Security Guardium Database Activity Monitor is a database activity monitor product from IBM USA. The product provides features such as automated controls for compliance and protection against internal and external threats. A security vulnerability exists in IBM Security Guardium Database...

Atrax Kit Boasts Tor Connectivity, Bitcoin Extraction

Yet another commercial crimekit has been spotted making the rounds on the underground malware forums that uses the anonymity network Tor to stealthily communicate with its command and control servers. While it isn’t the first of its kind to use Tor, the kit, nicknamed Atrax, is cheap and comes wi...