IBM Domino Authentication Bypass Vulnerability

IBM Domino is a suite of platforms for hosting social business applications from IBM in the United States. An unspecified security vulnerability exists in IBM Domino, which allows remote attackers to bypass the authentication process and execute arbitrary code with system privileges...

CVE-2016-4090

Technical details about CVE-2016-4090 are not publicly available in the provided connected documents. Monitor for updates from the sources referenced in the Initial Description; no explicit vulnerability specifics (exploit vectors, impacted versions, or fixes) are given here.

CVE-2016-1125

Technical details about CVE-2016-1125 are not publicly available in the provided Connected documents; no affected products, versions, impact details, or remediation are disclosed here. Monitor for updates.

Microsoft Edge Memory Corruption (MS16-052: CVE-2016-0191)

A remote code execution vulnerability has been reported in Microsoft Edge. The vulnerability is due to a use of uninitialized pointer. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory corruption in a way that would...

Google Chrome suffers from an unspecified vulnerability (CNVD-2016-02823)

Google Chrome is a popular web browser. An unspecified security vulnerability exists in Google Chrome, which allows remote attackers to exploit the vulnerability to build malicious web pages and trick users into parsing them, which could cause the application to crash or execute arbitrary code...

The use of PHP 7 is due to the OPcache execute PHP code-bug warning-the black bar safety net

from:http://blog. gosecure. ca/2 0 1 6/0 4/2 7/binary-webshell-through-opcache-in-php-7/ In the PHP 7.0 release at the beginning, there are a lot of PHP developers for its performance improvement is very attention. In the introduction of OPcache, PHP performance has been greatly improved, many...

Microsoft Edge Memory Corruption (MS16-038: CVE-2016-0155)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to a type confusion when handling certain objects in JavaScript. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could...

Pixman Integer Overflow Vulnerability

Pixman is an underlying software library for pixel manipulation. An integer overflow vulnerability exists in Pixman, which can be exploited by a remote attacker to cause a denial of service application crash or execute arbitrary code with user privileges...

Mozilla Network Security Services Memory Misreference Vulnerability

Firefox is an open source web browser. A memory misreference vulnerability in the handling of DER-encoded keys by Mozilla Network Security Services allows remote attackers to exploit the vulnerability to construct a malicious web page that can be tricked into parsing by a user, which can crash th...

Mozilla Firefox and Firefox ESR Graphite 2 Denial of Service Vulnerability (CNVD-2016-01650)

Firefox is an open source Web browser ; Firefox ESR is an extended support version of Firefox.Graphite is a set of Python language , written using the Django framework for enterprise-class open source system monitoring tools . A security vulnerability exists in Mozilla Firefox and Firefox ESR...

Microsoft Internet Explorer Memory Error Reference Remote Code Execution Vulnerability (CNVD-2016-01536)

Internet Explorer is a web browser from Microsoft. A vulnerability in the handling of "range" type HTML input elements in some versions of Internet Explorer can be exploited by an attacker with a malicious web page or file to reuse a freed memory structure to execute arbitrary code in the context...

Google Nexus Conscrypt Man-in-the-Middle Attack Vulnerability

Google Nexus is a series of smart devices based on the Android operating system developed by the U.S. company Google Google, including cell phones and tablet computers. The smart device by Google to provide technology and authorize the cooperation of hardware manufacturers for production and...

USN-2906-1: GNU cpio vulnerabilities

Alexander Cherepanov discovered that GNU cpio incorrectly handled symbolic links when used with the --no-absolute-filenames option. If a user or automated system were tricked into extracting a specially-crafted cpio archive, a remote attacker could possibly use this issue to write arbitrary files...

Core FTP Server 1.2 - Buffer Overflow (PoC)

Exploit for windows platform in category local exploits -- coding: utf-8 -- Exploit Title : Core FTP Server v1.2 - BufferOverflow POC Date: 2016-02-22 Author: INSECT.B Facebook : https://www.facebook.com/B.INSECT00 GitHub : binsect00 Blog : http://binsect00.tistory.com Vendor Homepage :...

glibc vulnerable to stack buffer overflow in DNS resolver

Overview GNU glibc contains a buffer overflow vulnerability in the DNS resolver, which may allow a remote attacker to execute arbitrary code. Description CWE-121: Stack-based Buffer Overflow - CVE-2015-7547According to a Google security blog post: "The glibc DNS client side resolver is vulnerable...

Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability

A vulnerability in the Internet Key Exchange IKE version 1 v1 and IKE version 2 v2 code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code...

Design/Logic Flaw

Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and enabled, allows remote attackers to cause a denial of service system crash or execute arbitrary code via crafted SSH negotiation...

Ubuntu 14.04 LTS : libpng vulnerabilities (USN-2861-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2861-1 advisory. It was discovered that libpng incorrectly handled certain small bit-depth values. If a user or automated system using libpng were tricked into opening a...

CVE-2015-8835

The makehttpsoaprequest function in ext/soap/phphttp.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not properly retrieve keys, which allows remote attackers to cause a denial of service NULL pointer dereference, type confusion, and application crash or possibly execute...

Apple Xcode mach-o file handling arbitrary code execution vulnerability

Apple Xcode is an integrated development tool IDE that runs on the operating system Mac OS X. It is used for the development of the Mac OS X operating system and for the development of the Mac OS X operating system. A security vulnerability exists in Apple Xcode that fails to properly enforce the...