Adobe Flash Player suffers from an unspecified memory corruption vulnerability (CNVD-2015-05269)

Adobe Flash Player is a Flash file handling program. An unspecified memory corruption vulnerability exists in Adobe Flash Player, which can be exploited by remote attackers to crash an application or execute arbitrary code...

Adobe Flash Player suffers from an unspecified memory corruption vulnerability (CNVD-2015-05265)

Adobe Flash Player is a Flash file handling program. An unspecified memory corruption vulnerability exists in Adobe Flash Player, which can be exploited by remote attackers to crash an application or execute arbitrary code...

PHP SPL ArrayObject Use-After-Free Exploit

A use-after-free vulnerability was discovered in unserialize with SPL ArrayObject object's deserialization that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely. Use After Free Vulnerability in unserialize with SPL ArrayObject Taoguang Chen - Write Date:...

Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2677-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2677-1 advisory. An uninitialized value issue was discovered in ICU. If a user were tricked in to opening a specially crafted website, an attacker could potentially explo...

CVE-2015-1329

Use-after-free vulnerability in oxide::qt::URLRequestDelegatedJob in oxide-qt in Ubuntu 15.04 and 14.04 LTS might allow remote attackers to execute arbitrary code...

Stack overflow

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4931, CVE-2015-4933, CVE-2015-4934, and CVE-2015-4935...

CVE-2015-5621

The snmppduparse function in snmpapi.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmpvariablelist item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted packet...

CVE-2015-2977

Webservice-DIC yoyakuv41 allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via unspecified vectors...

Code injection

Webservice-DIC yoyakuv41 allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via unspecified vectors...

CVE-2015-2977

Webservice-DIC yoyaku_v41 (conference room reservation software) is affected by CVE-2015-2977. The vulnerability stems from insufficient input validation (CWE-20), enabling remote attackers to create arbitrary files, which may lead to arbitrary code execution on the server. Public sources in the ...

Flash Player < 13.0.0.281 / 17.0.0.169 Multiple Vulnerabilities (APSB15-06)

Binary data 8815.prm...

Debian DSA-3309-1 : tidy - security update

Fernando Munoz discovered that invalid HTML input passed to tidy, an HTML syntax checker and reformatter, could trigger a buffer overflow. This could allow remote attackers to cause a denial of service crash or potentially execute arbitrary code. Geoff McLane also discovered that a similar issue...

Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2015-04686)

Microsoft Internet Explorer is a popular WEB browser. A memory corruption vulnerability exists in Microsoft Internet Explorer, which allows remote attackers to exploit the vulnerability to construct a malicious web page that can be tricked into parsing by the user, which could cause the applicati...

CVE-2015-5105

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allows attackers to execute arbitrary code via...

CVE-2015-5110

Stack-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allows attackers to execute arbitrary code via...

CVE-2015-5111

CVE-2015-5111 is a use-after-free vulnerability in Adobe Reader and Acrobat products on Windows and macOS. Affected are: Reader/Acrobat 10.x before 10.1.15, 11.x before 11.0.12, Acrobat/Reader DC Classic before 2015.006.30060, and DC Continuous before 2015.008.20082. The issue enables attackers t...

CVE-2015-2424

Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document, aka "Microsoft Office...

CVE-2015-2403

Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."...

CVE-2015-2390

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2385, CVE-2015-2397, CVE-2015-2404,...

CVE-2015-3258

Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a small line size in a print job...