UBUNTU-CVE-2016-9187

Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors...

Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability

A vulnerability in the Transaction Language 1 TL1 code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. The vulnerability exists because the affected software performs incomplete bounds checks o...

Silicon Graphics LibTIFF Remote Code Execution Vulnerability

Silicon Graphics LibTIFF is a library for reading and writing TIFF files. A security vulnerability in Silicon Graphics LibTIFF can be exploited by remote attackers to construct malicious TIFF files that can be parsed by the user, which can crash an application or execute arbitrary code...

Adobe Flash Player Memory Corruption Vulnerability (CNVD-2016-09451)

Adobe Flash Player is a cross-platform, browser-based multimedia player product. A memory corruption vulnerability exists in Adobe Flash Player, which can be exploited by remote attackers to construct malicious SWF files that can be parsed by the user to crash the application or execute arbitrary...

Design/Logic Flaw

Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2, when configured with the HTTP Explicit Proxy functionality or SOCKS profile, allow remote attackers to modify the...

PT-2016-6204 · Apache · Apache Activemq Artemis

Name of the Vulnerable Software and Affected Versions: Apache ActiveMQ Artemis versions prior to 1.4.0 Description: The issue allows remote authenticated users with permission to send messages to the Artemis broker to deserialize arbitrary objects and execute arbitrary code by leveraging gadget...

CVE-2016-0917

The SMB service in EMC VNXe VNXe3200 Operating Environment prior to 3.1.5.8711957 and VNXe3100/3150/3300 Operating Environment prior to 2.4.4.22638, VNX1 File OE before 7.1.80.3, VNX2 File OE before 8.1.9.155, and Celerra all supported versions does not prevent duplicate NTLM challenge-response...

Microsoft Office Memory Corruption Vulnerability (CNVD-2016-07684)

Microsoft Office is an office software suite product developed by Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. Microsoft Office processing office files fails to properly handle objects in memory, allowing remote attackers to exploit the vulnerabili...

CVE-2016-6351

The espdodma function in hw/scsi/esp.c in QEMU aka Quick Emulator, when built with ESP/NCR53C9x controller emulation support, allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash or execute arbitrary code on the QEMU host via vectors involvi...

CVE-2016-5423

A flaw was found in the way PostgreSQL server handled certain SQL statements containing CASE/WHEN commands. A remote, authenticated attacker could use a specially crafted SQL statement to cause PostgreSQL to crash or disclose a few bytes of server memory or possibly execute arbitrary code...

Little Snitch Heap Overflow Vulnerability

Little Snitch is a firewall software for Mac. Little Snitch suffers from a heap overflow vulnerability. A local attacker can exploit the vulnerability to elevate system privileges and execute arbitrary code...

Microsoft Office Web Apps Multiple Vulnerabilities (3170008)

This host is missing a critical security update according to Microsoft Bulletin MS16-088. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Windows ATMFD.dll Elevation of Privilege Vulnerability

Microsoft Windows is a series of operating systems released by Microsoft.Adobe Type Manager Font Driver is a font management driver from Adobe. An elevation of privilege vulnerability exists in the Adobe Type Manager Font Driver ATMFD.dll for Microsoft Windows, which arises from the program's...

BadTunnel: the impact of Win95 to Win10“Super-vulnerability”with CVE-2 0 1 6-3 2 1 3-the vulnerability warning-the black bar safety net

! Yesterday, Microsoft released a high-risk vulnerability patch the vulnerability by Tencent basaltic laboratory Creator to Yang Chinese circle of safety person of the TK, the leader of the Find, and named it“BadTunnel”, is currently the Windows history of the most wide-reaching vulnerabilities,...

CVE-2016-1421

A vulnerability in the web application for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service DoS condition. The vulnerability exists because the affected software fails t...

DEBIAN-CVE-2015-5723

Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local...

DEBIAN-CVE-2015-5260

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service heap-based memory corruption and QEMU-KVM crash or possibly execute arbitrary code on the host via QXL commands related to the surfaceid parameter...

Multiple vulnerabilities in HPE Matrix Operating Environment and Systems Insight Manager (CNVD-2016-03741)

HPE Matrix Operating Environment is a set of cloud management software designed for infrastructure services.HPE Systems Insight Manager is a set of management software for HP servers and storage devices, which provides multi-system management, fault management and event handling, and rights...

Apple OS X El Capitan Intel Graphics Driver Buffer Overflow Vulnerability

Apple OS X El Capitan is an operating system on Apple devices. A buffer overflow vulnerability in Intel Graphics Driver in Apple OS X El Capitan allows attackers to exploit the vulnerability to execute arbitrary code with kernel privileges...

Apple iOS Accessibility Buffer Overflow Vulnerability

Apple iOS is an operating system on Apple phones. A buffer overflow vulnerability exists in Accessibility in Apple iOS, which allows an attacker to exploit the vulnerability to execute arbitrary code with system privileges...