phpMyAdmin Full Path Disclosure Vulnerability
phpMyAdmin is an online management tool for MySQL databases. phpMyAdmin versions 4.4.x, 4.6.x, 4.0.x are available at . /setup/, . /examples/ are vulnerable to a full path disclosure vulnerability, which can be exploited by an attacker with a constructed script that triggers a PHP error message t...
Patched libarchive Vulnerabilities Have Big Reach
The libarchive programming library was recently patched against three critical memory-related vulnerabilities that could be abused to execute code on computers running the vulnerable software. As is the case with most open source software packages, patching the core library is only half the battl...
ImageMagick 7.x < 7.0.1-10 Multiple Vulnerabilities
The remote Windows host has a version of ImageMagick installed that is 7.x prior to 7.0.1-10. It is, therefore, affected by the following vulnerabilities : - An overflow condition exists in the ReadRLEImage function in rle.c due to improper validation of user-supplied input. An unauthenticated,...
[SECURITY] [DLA 521-1] firefox-esr security update
Package : firefox-esr Version : 45.2.0esr-1deb7u1 CVE ID : CVE-2016-2818 CVE-2016-2819 CVE-2016-2821 CVE-2016-2822 CVE-2016-2828 CVE-2016-2831 Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation erro...
Adobe Flash Player for Mac <= 21.0.0.242 Multiple Vulnerabilities (APSB16-18)
The version of Adobe Flash Player installed on the remote Mac OS X host is equal or prior to version 21.0.0.242. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist that allow an unauthenticated, remote attacker to cause a denial of service condition...
Vulnerabilities in the Google Chrome browser that allow a perpetrator to trigger a service failure or cause other effects
The multiple vulnerabilities of the Google Chrome browser are related to code errors. Exploiting these vulnerabilities can allow a malicious actor to cause service failures or other adverse effects...
The vulnerability of Google Chrome browser allows a violator to circumvent existing access restrictions policies.
The vulnerability of the Google Chrome browser extension subsystem is related to errors in the code. Exploiting this vulnerability could allow a malicious actor to bypass existing access restrictions policies...
Adobe Flash Player <= 21.0.0.242 Multiple Vulnerabilities (APSB16-18)
The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 21.0.0.242. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist that allow an unauthenticated, remote attacker to cause a denial of service condition ...
The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.
The vulnerability of the CPDFDIBSource::CreateDecoder function located in core/fpdfapi/fpdfrender/fpdfrenderloadimage.cpp in the PDFium browser component of Google Chrome is related to improper handling of initialization errors. Exploiting this vulnerability can allow an attacker to trigger a...
The vulnerability of Google Chrome browser allows a violator to circumvent existing access restrictions policies.
The vulnerability of the Blink component in Google Chrome browser is related to errors in the code. Exploiting this vulnerability can allow a malicious actor to bypass existing access restrictions policies...
Vulnerabilities in the Google Chrome browser that allow a perpetrator to trigger a service failure or cause other effects
The multiple vulnerabilities of the Google Chrome browser are related to code errors. Exploiting these vulnerabilities can allow a malicious actor to cause service failures or other adverse effects...
PT-2016-2232 · Adobe +3 · Flash Player +3
Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions 21.0.0.242 and earlier Description: The issue is related to unspecified errors in the code of Flash Player and Flash Player for Linux. It may allow a remote attacker to impact the integrity, availability, and...
PT-2016-3127 · Microsoft +4 · Internet Explorer +5
Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions 21.0.0.242 and earlier Description: The issue is related to errors in the code of Adobe Flash Player libraries used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge. Exploitation of this issue may allow ...
PT-2016-2257 · Adobe +3 · Flash Player +3
Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions 21.0.0.242 and earlier Description: The issue is related to unspecified errors in the code of Flash Player and Flash Player for Linux. Exploitation of this issue may allow a remote attacker to impact the integrity,...
PT-2016-3292 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Android kernel versions prior to 4.8 Description: The issue is related to the seccomp implementation in the Linux kernel, specifically with access control errors. This could allow an attacker to escalate privileges and execute arbitrary code...
Debian Security Advisory DSA 3601-1 (icedove - security update)
Multiple security issues have been found in Icedove, Debian OpenVAS Vulnerability Test $Id: deb3601.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3601-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright (c) 2016 Greenbone Networks GmbH...
Centreon Web Useralias Command Execution
Centreon Web Interface 'Centreon Web Useralias Command Execution', 'Description' = %q Centreon Web Interface 'h00die ', module 'Nicolas CHATELAIN ' discovery , 'References' = 'EDB', '39501' , 'License' = MSFLICENSE, 'Platform' = 'python', 'Privileged' = false, 'Arch' = ARCHPYTHON, 'Targets' =...
Debian DSA-3600-1 : firefox-esr - security update
Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or spoofing. Wait, Firefox? No more references to Iceweasel? That's right, Debian no longer...
Moderate: Red Hat Security Advisory: Red Hat JBoss BRMS security and bug fix update
An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
The vulnerability of the FreeBSD operating system allows a hacker to trigger a service failure or increase their privileges.
The vulnerability of the sockargs function in sys/kern/uipcsyscalls.c in the FreeBSD operating system is caused by a buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker acting locally to cause a service failure (memory reallocation and kernel errors), or to increase...