1052 matches found
CVE-2016-4262
Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, and CVE-2016-4261...
Adobe Digital Editions Remote Code Execution Vulnerability (CNVD-2016-07619)
Adobe Digital Editions DE is a set of e-book reading and management software of the United States Ordoby Adobe. Through the software can open, read and manage PDF, XML, Flash files. A remote code execution vulnerability exists in Adobe DE versions prior to 4.5.2. A remote attacker could exploit...
CVE-2016-0292
WebReports in IBM BigFix Platform formerly Tivoli Endpoint Manager 9.x before 9.5.2 allows local users to discover the cleartext system password by reading a report...
AlienVault OSSIM and USM Cross-Site Scripting Vulnerabilities
AlienVault OSSIM and USM are both products of AlienVault Corporation, U.S.A. OSSIM is an open source security information management system. USM is a security management platform that provides security monitoring, security event management and reporting, and threat awareness system. A cross-site...
Multiple vulnerabilities in ZOHO WebNMS Framework (CNVD-2016-06372)
ZOHO WebNMS Framework is the United States ZhuoHao ZOHO company's set of framework for building network management applications. A directory traversal vulnerability, an information disclosure vulnerability, and a user impersonation vulnerability exist in versions 5.2 and 5.2 SP1 of the ZOHO WebNM...
CVE-2016-1465
Cisco Nexus 1000v Application Virtual Switch AVS devices before 5.21SV31.5i allow remote attackers to cause a denial of service ESXi hypervisor crash and purple screen via a crafted Cisco Discovery Protocol packet that triggers an out-of-bounds memory access, aka Bug ID CSCuw57985...
Unspecified Vulnerability in Oracle Fusion Middleware Outside In Technology (CNVD-2016-05416)
Oracle Fusion Middleware is a comprehensive middleware portfolio of SOA and middleware products. A security vulnerability exists in Oracle Fusion Middleware versions 8.5.0, 8.5.1, 8.5.2, Outside In Technology component, which can be exploited by remote attackers to compromise confidentiality...
WordPress Information Disclosure Vulnerability (CNVD-2016-04364)
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Software Foundation. An information disclosure vulnerability exists in WordPress versions 4.5.2 and earlier, which can be exploited by an attacker to disclose revision history information...
WordPress Denial of Service Vulnerability (CNVD-2016-04363)
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Software Foundation. A denial of service vulnerability exists in WordPress 4.5.2 and earlier versions, which can be exploited by attackers to cause a denial of service...
Adobe Connect untrustworthy search path vulnerability
Adobe Connect formerly known as Macromedia Breeze is a set of enterprise-level web-based communication solutions from the U.S. company Audobee Adobe. The program provides web conferencing, e-learning and webinar features. An untrustworthy search path vulnerability exists in Adobe Connect 9.5.2 an...
DEBIAN-CVE-2016-1575
The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory...
PT-2016-5052 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.5.2 Description: The issue allows physically proximate attackers to cause a denial of service, resulting in a system crash due to a NULL pointer dereference. This is achieved by using a crafted endpoints value...
PT-2016-5021 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.5.2 Description: The issue allows remote attackers to obtain sensitive information from kernel memory by reading packet data. This is due to the incorrect enabling of scatter/gather I/O in the atl2 probe...
PostgreSQL Security Bypass Vulnerability (CNVD-2016-02169)
PostgreSQL is a free object-relational database management system developed by the PostgreSQL development group. The system supports most of the SQL standards and provides many other features, such as foreign keys, triggers, views, and so on. A security bypass vulnerability exists in PostgreSQL...
CVE-2016-0948
Cross-site request forgery CSRF vulnerability in Adobe Connect before 9.5.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
Directory traversal vulnerability in guard-livereload
The vulnerability allows remote attackers to read arbitrary files on the server by exploiting improper path validation in the livereload server functionality. This vulnerability is related to the handling of file paths in the livereload server component, which could allow an attacker to traverse...
CVE-2016-0501
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.2 allows remote attackers to affect availability via vectors related to SGD Core...
IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2015-07814)
IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates essential B2B processes, transactions and relationships. A cross-site scripting vulnerability in IBM Sterling B2B Integrator version 5.2 can be exploited by an attacker to steal cookie-based authentication and execute...
IBM Sterling B2B Integrator Authentication Bypass Vulnerability
IBM Sterling B2B Integrator is IBM's software for integrating critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A security vulnerability exists in IBM Sterling B2B Integrator versions 5.1 and...
Fortinet FortiOS Access Privilege Vulnerability
Fortinet FortiOS is a set of security operating system developed by the U.S. Fiat Fortinet company dedicated to FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering and anti-spam and other security features. An access...