2019 matches found
CVE-2016-6124
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server...
CVE-2016-8225
Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB Keyboard Driver versions earlier than 1.21 allows local users to execute code with elevated privileges...
Out-of-bounds
The ConvertToPDF plugin in Foxit Reader before 8.2 and PhantomPDF before 8.2 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. The vulnerability could lead to information disclosure; ...
libupnp: Multiple vulnerabilities
Background libupnp is a portable, open source, UPnP development kit. Description Multiple vulnerabilities have been discovered in libupnp. Please review the CVE identifiers referenced below for details. Impact A remote attack could arbitrarily write files to a user's file system, cause a Denial of...
Mapserver Buffer Overflow Vulnerability
MapServer is an open source web mapping software. A buffer overflow vulnerability exists in Mapserver that could allow a remote user to crash the service or possibly execute arbitrary code...
DEBIAN-CVE-2016-10006
In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you could bypass the library protections and supply executable code. The impact is XSS...
Arbitrary Code Execution Vulnerability in the Kernel Component of Multiple Apple Products (CNVD-2016-12824)
Apple iOS, watchOS, macOS, and tvOS are products of Apple Inc. Apple iOS is an operating system for mobile devices; watchOS is a smartwatch operating system. kernel is a kernel component. A security vulnerability exists in the Kernel component of several Apple products. A local attacker could...
Apple iOS APPLE-SA-2016-12-12-1 has multiple vulnerabilities (CNVD-2016-12705)
Apple iOS is an operating system developed for mobile devices. Apple iOS has multiple vulnerabilities. An attacker can exploit the vulnerabilities to bypass security restrictions, execute arbitrary code or perform unauthorized actions, and obtain sensitive information...
KLA10921 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. Memory corruption vulnerabilit...
Microsoft Edge Memory Corruption (MS16-145: CVE-2016-7286)
A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to a memory corruption when handling certain objects in JavaScript. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory corruption...
CVE-2016-9428
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page...
Microsoft Edge browser vulnerability, which allows a hacker to trigger a service failure or execute arbitrary code
Microsoft Edge browser vulnerability, which allows a hacker to trigger a service failure or execute arbitrary code...
USN-3143-1 c-ares vulnerability
Gzob Qq discovered that c-ares incorrectly handled certain hostnames. A remote attacker could use this issue to cause applications using c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code...
CVE-2016-7196
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."...
UBUNTU-CVE-2016-9187
Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors...
The vulnerability of the libaudiofile library, which allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability in the msadpcm.c file of the libaudiofile library arises from a buffer overflow in dynamic memory. Exploiting this vulnerability can allow a local attacker to cause a service failure (application termination) or execute arbitrary code using a specially crafted WAV fi...
Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability
A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. The vulnerability exists because the affected software performs incomplete bounds checks o...
Silicon Graphics LibTIFF Remote Code Execution Vulnerability
Silicon Graphics LibTIFF is a library for reading and writing TIFF files. A security vulnerability in Silicon Graphics LibTIFF can be exploited by remote attackers to construct malicious TIFF files that can be parsed by the user, which can crash an application or execute arbitrary code...
Adobe Flash Player Memory Corruption Vulnerability (CNVD-2016-09451)
Adobe Flash Player is a cross-platform, browser-based multimedia player product. A memory corruption vulnerability exists in Adobe Flash Player, which can be exploited by remote attackers to construct malicious SWF files that can be parsed by the user to crash the application or execute arbitrary...
Design/Logic Flaw
Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2, when configured with the HTTP Explicit Proxy functionality or SOCKS profile, allow remote attackers to modify the...