5251 matches found
The vulnerability of the IntraVUE visualization and diagnosis software allows an intruder to execute arbitrary commands.
The vulnerability of the IntraVUE visualization and diagnosis software exists due to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of Adobe Pepper Flash software for Google Chrome allows a malicious intruder to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability exists in Adobe Pepper Flash for Google Chrome due to an incorrect limitation of the SWF file format. Exploiting this vulnerability allows malicious actors to carry out attacks on endpoints using JSONP requests through Cross-Site Request Forgery (CSRF). These actors can gain acces...
The vulnerability of the Flash Player software allows a malicious actor to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability exists in the Adobe Flash Player due to an improper limitation of the SWF file format. Exploiting this vulnerability allows malicious actors to carry out attacks on endpoints using JSONP requests through Cross-Site Request Forgery (CSRF). These actors can gain access to confidenti...
The vulnerability of Google Chrome browser allows a malicious actor to trigger a service failure.
The Google Chrome browser contains a vulnerability related to incorrect checking of the render state during the focus event in the Document Object Model (DOM) implementation of Blink for Google Chrome. Exploiting this vulnerability allows malicious actors to cause service failures or otherwi...
CVE-2015-7776
CVE-2015-7776 affects Cybozu Garoon 3.x and 4.x prior to 4.2.0. The vulnerability arises from improper restriction on loading IMG elements in HTML email, enabling remote attackers to track users via crafted messages. The issue is explicitly described as a different vulnerability from CVE-2016-119...
CVE-2016-0028
Outlook Web Access (OWA) in Microsoft Exchange Server 2013 SP1, Cumulative Update 11, and Cumulative Update 12 and 2016 Gold and Cumulative Update 1 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, aka...
Information disclosure
Outlook Web Access (OWA) in Microsoft Exchange Server 2013 SP1, Cumulative Update 11, and Cumulative Update 12 and 2016 Gold and Cumulative Update 1 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, aka...
CVE-2016-2821
Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering deletion of DO...
CVE-2015-5714
Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags...
CVE-2016-0895
EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote attackers to conduct clickjacking attacks via web-site elements with crafted transparency or opacity...
Code injection
EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote attackers to conduct clickjacking attacks via web-site elements with crafted transparency or opacity...
Fedora 22 : webkitgtk4-2.12.1-1.fc22 (2016-ac1dff014c)
Highlights in 2.12.0: Enable FTL by default in JavaScriptCore for x86_64. Network process is now used unconditionally. The shared secondary process model is now the same as using the multiple process model and setting a process limit of 1. Switch to use overlay scrollbars like all other GTK+ widge...
Fedora 24 : webkitgtk4-2.12.1-1.fc24 (2016-73c0897e5e)
Highlights in 2.12.0: Enable FTL by default in JavaScriptCore for x86_64. Network process is now used unconditionally. The shared secondary process model is now the same as using the multiple process model and setting a process limit of 1. Switch to use overlay scrollbars like all other GTK+ widge...
Microsoft Internet Explorer CAttrValue Double-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...