CVE-2017-5422

If a malicious site uses the "view-source:" protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making "view-source:" linkable. This vulnerability affects Firefox 52 and Thunderbird 52...

CVE-2017-5410

Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...

CVE-2017-5403

When adding a range to an object in the DOM, it is possible to use "addRange" to add the range to an incorrect root object. This triggers a use-after-free, resulting in a potentially exploitable crash. This vulnerability affects Firefox 52 and Thunderbird 52...

Security vulnerabilities fixed in Firefox 52 — Mozilla

JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. A crash triggerable by web content in which an ErrorResult references unassigned memory due to a logic error. The resulting crash may be exploitabl...

CVE-2017-5404

A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...

Siemens SINUMERIK Integrate and SINUMERIK Operate

CVSS v3 7.4 ATTENTION: Remotely exploitable. Vendor: Siemens Equipment: SINUMERIK Integrate, SINUMERIK Operate Vulnerability: Man-in-the-Middle AFFECTED PRODUCTS Siemens reports that the vulnerability affects the following SINUMERIK Integrate and Operate product suite versions: SINUMERIK Integrat...

Integer overflow

An exploitable integer-overflow vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will attempt to convert each character from a font into a polygon and then attempt to rasterize these shapes. As the application attempts to iterate through the rows and...

Heap overflow

An exploitable arbitrary heap-overwrite vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will explicitly trust an index within the specific font object and use it to write the font's name to a single object within an array of objects...

CVE-2016-8388

An exploitable arbitrary heap-overwrite vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will explicitly trust an index within the specific font object and use it to write the font's name to a single object within an array of objects...

CVE-2016-8715

An exploitable heap corruption vulnerability exists in the loadTrailer functionality of Iceni Argus version 6.6.05. A specially crafted PDF file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide a malicious PDF file to trigger this vulnerability...

CVE-2016-8388

An exploitable arbitrary heap-overwrite vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will explicitly trust an index within the specific font object and use it to write the font's name to a single object within an array of objects...

CVE-2016-8387

An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF with an object encoded w/ multiple encoding types terminating with an LZW encoded type, an overflow may occur due to a lack of bounds checking by the LZW decoder. This can lead to code...

CVE-2016-8386

An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a PDF containing a malformed font to XML, the tool will attempt to use a size out of the font to search through a linked list of buffers to return. Due to a signedness issue, a buffer smaller than the...

Out-of-bounds

An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server to fetch a function table outside the bounds of an array resulting in remote code execution. An attacker can...

Null pointer dereference

An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a null pointer. An attacker can simply connect to a TCP port in order to trigger this vulnerability...

Out-of-bounds

An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution. An attacker can...

Plone 5.0.5 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Plone 5.0.5 Fixed in: Hotfix 20170117 Fixed Version Link: https://plone.org/security/hotfix/20170117 Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/05/2016...

Buffer overflow

Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure...

CVE-2017-2982

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution...

Siemens SIMATIC Authentication Bypass (Update A)

CVSS v3 9.0 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Siemens Equipment: SIMATIC Vulnerability: Authentication Bypass UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-045-03 Siemens SIMATIC Authentication Bypass that was...