Elements: Epic Heroes - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Elements: Epic Heroes published at the 'play' market has multiple vulnerabilities...

Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2016-01599)

Microsoft Internet Explorer IE is a Web browser developed by Microsoft and is the default browser that comes with the Windows operating system.CAttrArray object is one of the CAttrArray objects. A security vulnerability exists in the implementation of the CAttrArray object in Microsoft Internet...

CVE-2015-6184

The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service type confusion and memory corruption via a malformed Cascading Style Sheets CSS token sequence in conjunction with modifications to HTML...

Microsoft Internet Explorer CDataset RemoveItem Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose the contents of memory on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates t...

Microsoft Internet Explorer CAttrArray Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

Microsoft Internet Explorer setAttribute Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose memory contents on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

Microsoft Internet Explorer CDataset SetItem Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose the contents of memory on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates t...

Microsoft Internet Explorer Input Range Control Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

Microsoft Internet Explorer HTML form Element Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

The vulnerability of the Cisco Firepower Extensible Operating System allows a perpetrator to execute arbitrary operating system commands on behalf of the root user.

The vulnerability of the Cisco Firepower Extensible Operating System component exists due to the lack of measures taken to neutralize the special elements used in the operating system’s command line. Exploiting this vulnerability allows a malicious actor, operating locally, to execute arbitrary...

libEBML Memory Misreference Vulnerability

libEBML is a C++ library for parsing EBML files maintained by the Matroska team. A memory misreference vulnerability exists in the 'EbmlMaster::Read' function of libEBML when parsing deep nested elements of infinite size, which allows remote attackers to exploit the vulnerability to access freed...

Matroska Media Container libmatroska Multiple ElementList Double Free Vulnerabilities

Talos Vulnerability Report TALOS-2016-0037 Matroska Media Container libmatroska Multiple ElementList Double Free Vulnerabilities January 28, 2016 CVE Number CVE-2016-1515 Description A use after free/double free vulnerability can occur in libmatroska while parsing Track elements of the MKV...

The vulnerability of the Cisco IOS operating system, which allows a intruder to trigger a service failure

The vulnerability of the Cisco IOS operating system does not limit the number of PCE elements used for OSPF LSA updates. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

Cisco IOS XR Resource Management Error Vulnerability

Cisco IOS XR is the United States Cisco Cisco company's IOS software series in a fully modular, distributed network operating system. A security vulnerability exists in Cisco IOS XR that stems from the program not properly limiting the number of Path Computation Elements PCEs for OSPF LSA opaque...

Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2016-01501)

Internet Explorer is a web browser from Microsoft. Internet Explorer 11 notified Mutation Observer of a security vulnerability in the way document character data is modified. By tampering with document elements, an attacker could force a CTreePos object in memory to be reused after release and th...

Debian Security Advisory DSA 3375-1 (wordpress - security update)

Several vulnerabilities have been fixed in Wordpress, the popular blogging engine. CVE-2015-5714 A cross-site scripting vulnerability when processing shortcode tags has been discovered. The issue has been fixed by not allowing unclosed HTML elements in attributes. CVE-2015-5715 A vulnerability ha...

DEBIAN-CVE-2013-7445

The Direct Rendering Manager DRM subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager GEM objects, which allows context-dependent attackers to cause a denial of service memory consumption via an application that processes graphics data, as demonstrated by...

UBUNTU-CVE-2013-7445

The Direct Rendering Manager DRM subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager GEM objects, which allows context-dependent attackers to cause a denial of service memory consumption via an application that processes graphics data, as demonstrated by...

The vulnerability of the Firefox browser, which allows a hacker to circumvent access restrictions to window elements

The vulnerability of the js/src/proxy/Proxy.cpp component of the Firefox browser is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to bypass access restrictions to window elements by using a specially crafted web page...

Microsoft Internet Explorer CImgElement Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...