9459 matches found
AXIS Network Camera Cross Site Scripting
I. ADVISORY INFORMATION ----------------------- Title: Axis Network Cameras Multiple Cross-site scripting Vendor: Axis Communications Class: Improper Input Validation CWE-20 CVE Name: CVE-2015-8256 Remotely Exploitable: Yes Locally Exploitable: No OLSA-ID: OLSA-2015-8256 vulnerability -----------...
NSS -- multiple vulnerabilities
Mozilla Foundation reports: An out-of-bounds write during Base64 decoding operation in the Network Security Services NSS library due to insufficient memory being allocated to the buffer. This results in a potentially exploitable crash. The NSS library has been updated to fix this issue to address...
Undocumented Backdoor Account in DBLTek GoIP
Trustwave recently reported a remotely exploitable issue in the Telnet administrative interface of numerous DblTek branded devices. The issue permits a remote attacker to gain a shell with root privileges on the affected device due to a vendor backdoor in the authentication procedure. The Telnet...
Unauthorized Container Shutdown In ServerMigrationCoordinator
Application: Oracle PeopleSoft Versions Affected: PeopleSoft FSCM 9.2 Vendor: Oracle Bug: Missing Authentication for Critical Function Reported: 16.03.2017 Vendor response: 17.03.2017 Date of Public Advisory: 18.07.2017 Reference: Oracle CPU July 2017 Authors: Vahagn Vardanyan ERPScan VULNERABILI...
Mozilla Firefox MFSA Memory Misreference Vulnerability
Mozilla Firefox is an open source web browser. A security vulnerability exists in Mozilla Firefox. Free usage may occur during buffer storage operations in the ANGLE graphics library for WebGL content. The buffer storage can still be freed under certain circumstances, leading to a potentially...
Buffer overflow
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution...
Mozilla: Memory Corruption when handling ErrorResult (MFSA 2017-06)
A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a logic error. The resulting crash may be exploitable. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
CVE-2016-8714
An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this vulnerability...
CVE-2016-8714
An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this vulnerability...
CVE-2016-8714
An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this vulnerability...
CVE-2016-8714
An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this vulnerability...
[ASA-201703-3] firefox: multiple issues
Arch Linux Security Advisory ASA-201703-3 ========================================= Severity: Critical Date : 2017-03-10 CVE-ID : CVE-2017-5398 CVE-2017-5399 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5403 CVE-2017-5404 CVE-2017-5405 CVE-2017-5406 CVE-2017-5407 CVE-2017-5408 CVE-2017-5410...
DLL hijacking and the Opera browser
Security DLL hijacking and the Opera browser Share March 10th, 2017 Recently, a collection of documents was released online, which was claimed to have originated with a major World power. The documents listed hacking vectors that could be used to inject code into major operating systems and...
Mozilla Firefox < 52.0 Multiple Vulnerabilities
The version of Mozilla Firefox installed on the remote Windows host is prior to 52.0. It is, therefore, affected by multiple vulnerabilities : - Mozilla developers and community members Boris Zbarsky, Christian Holler, Honza Bambas, Jon Coppeard, Randell Jesup, Andre Bargull, Kan-Ru Chen, and...
Mozilla: Memory Corruption when handling ErrorResult (MFSA 2017-06)
A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a logic error. The resulting crash may be exploitable. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
Mozilla: Memory Corruption when handling ErrorResult (MFSA 2017-06)
A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a logic error. The resulting crash may be exploitable. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
Mozilla: Memory corruption during JavaScript garbage collection incremental sweeping (MFSA 2017-06)
Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
CVE-2017-5410
Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
CVE-2017-5401
A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a logic error. The resulting crash may be exploitable. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
CVE-2017-5404
A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...