Design/Logic Flaw

Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and enabled, allows remote attackers to cause a denial of service system crash or execute arbitrary code via crafted SSH negotiation...

Ubuntu 14.04 LTS : libpng vulnerabilities (USN-2861-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2861-1 advisory. It was discovered that libpng incorrectly handled certain small bit-depth values. If a user or automated system using libpng were tricked into opening a...

CVE-2015-8835

The makehttpsoaprequest function in ext/soap/phphttp.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not properly retrieve keys, which allows remote attackers to cause a denial of service NULL pointer dereference, type confusion, and application crash or possibly execute...

Apple Xcode mach-o file handling arbitrary code execution vulnerability

Apple Xcode is an integrated development tool IDE that runs on the operating system Mac OS X. It is used for the development of the Mac OS X operating system and for the development of the Mac OS X operating system. A security vulnerability exists in Apple Xcode that fails to properly enforce the...

Microsoft Windows VBScript Replace Function Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose the contents of memory on applications using the VBScript scripting language on vulnerable installations of Microsoft Windows. Microsoft Internet Explorer is an affected application. User interaction is required to exploit this vulnerability ...

The vulnerability of the Internet Explorer browser, which allows a hacker to execute arbitrary code or trigger a service failure.

The vulnerability of the Internet Explorer browser arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by using a specially created website...

Microsoft Internet Explorer Memory Corruption (MS15-112: CVE-2015-6082)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

F5 Networks BIG-IP : Datastor kernel vulnerability (K17407)

The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1....

The vulnerability of the Kaspersky Anti-Virus antivirus protection allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of Kaspersky Anti-Virus lies in a numerical overflow condition. Exploiting this vulnerability allows an attacker to cause service interruptions or execute arbitrary code using VB6 files during the antivirus system’s scanning process...

Ubuntu: Security Advisory (USN-2773-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the Android operating system, which allows a hacker to execute arbitrary code or cause a service failure

The vulnerability of the libstagefright component in the Android operating system arises due to buffer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure using a specially crafted media file...

Microsoft Windows Tablet Input Band Memory Misreference Vulnerability

Microsoft Windows is a popular operating system. A memory misreference vulnerability exists in Microsoft Windows Microsoft Tablet Input Band. The vulnerability allows remote attackers to construct special data to trick the user into loading it, which can trigger a post-release use of memory error...

Apple OS X intel graphics driver memory corruption vulnerability (CNVD-2015-06431)

Apple OS X is an operating system developed by Apple Inc. A memory corruption vulnerability exists in the Apple OS X Intel graphics driver, which can be exploited by a local attacker to execute arbitrary code with system privileges...

Apple OS X kernel memory corruption vulnerability (CNVD-2015-06427)

Apple OS X is an operating system developed by Apple Inc. A memory corruption vulnerability exists in the Apple OS X kernel, which can be exploited by a local attacker to execute arbitrary code in the kernel context...

The vulnerability of the multi-media player iTunes, allowing a intruder to execute arbitrary code or trigger a service failure

The vulnerability of the WebKit component in the multimedia player iTunes and the iOS operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by using a specially crafted...

Mozilla Firefox and Firefox ESR 'ConvertDialogOptions' function buffer overflow vulnerability

Mozilla Firefox is an open source web browser. A buffer overflow vulnerability exists in the Mozilla Firefox 'ConvertDialogOptions' function, which allows attackers to construct a malicious web page and trick the user into parsing it, which could crash the application or execute arbitrary code...

Adobe Flash Player suffers from an unspecified memory corruption vulnerability (CNVD-2015-06317)

Adobe Flash Player is a Flash file processing program.Adobe AIR is a cross-operating system runtime library produced by Adobe, through which developers can take advantage of existing Web development technology. A memory corruption vulnerability exists in Adobe Flash Player that could allow an...

Apple iOS WebKit Memory Corruption Vulnerability

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A memory corruption vulnerability exists in the Apple iOS WebKit engine, which allows remote attackers to construct a malicious web page and trick users into parsing it, which could crash the application ...

Apple iOS Webkit Memory Corruption Vulnerability (CNVD-2015-06147)

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A memory corruption vulnerability exists in Webkit used by Apple iOS, which allows attackers to construct a malicious web page and trick users into parsing it, which could crash the application or execute...

CVE-2015-5798

WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in...