CVE-2017-5019

A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2016-5786

An issue was discovered in OmniMetrix OmniView, Version 1.2. The OmniView web application transmits credentials with the HTTP protocol, which could be sniffed by an attacker that may result in the compromise of account credentials...

DEBIAN-CVE-2016-3124

The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors...

The vulnerability of Google Chrome browser allows a perpetrator to bypass the certificate verification process.

The vulnerability of Google Chrome exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass certificate verification by using a specially created HTML page...

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.

The vulnerability of the V8 component in Google Chrome browsers arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause a service failure through a specially created HTML page...

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or otherwise affect the system.

The vulnerability of the privateClass extension in Google Chrome’s browser API is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor to remotely cause service failures or otherwise affect the system through a specially created HTML page...

snoopy: incomplete fixes for command execution flaws

Various command-execution flaws were found in the Snoopy library included with Nagios. These flaws allowed remote attackers to execute arbitrary commands by manipulating Nagios HTTP headers...

snoopy: incomplete fixes for command execution flaws

Various command-execution flaws were found in the Snoopy library included with Nagios. These flaws allowed remote attackers to execute arbitrary commands by manipulating Nagios HTTP headers...

CVE-2017-3414

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2017-3402

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with...

CVE-2016-8329

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Mobile Application Platform. Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2016-8311

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows low privileged attacker with...

chromium-browser: universal xss in chrome://apps

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page...

PHP 'process_nested_data()' Remote Code Execution Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

PHP 'ext/pcre/php_pcre.c' Information Disclosure Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. PHP...

Moodle HTML Injection Vulnerability (CNVD-2017-00905)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. Moodle suffers from an HTML injection vulnerability due to the program failing to...

Oracle E-Business Suite Remote Security Vulnerability (CNVD-2017-00644)

Oracle E-Business Suite is a fully integrated suite of global business management software from Oracle Corporation. Oracle Service Fulfillment Manager is one of the components that provide telecommunications providers, ISPs Internet Service Providers and similar vendor companies with the ability ...

Unspecified Vulnerability in Oracle FLEXCUBE Universal Banking (CNVD-2017-00941)

Oracle FLEXCUBE Universal Banking is the United States Oracle Oracle company's set of real-time, online coverage of retail, group, investment banking, a comprehensive solution. The program supports multi-currency, multi-language and multi-entity operations. A remote security vulnerability exists ...

Oracle PeolpeSoft Enterprise HCM ePerformance Remote Vulnerability

Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle that provides human capital management, financial management, supplier relationship management, etc. PeopleSoft Enterprise HCM is one of the Human Capital Management HCM components. A remote securit...

Unspecified Vulnerability in Oracle FLEXCUBE Universal Banking (CNVD-2017-00948)

Oracle FLEXCUBE Universal Banking is the United States Oracle Oracle company's set of real-time, online coverage of retail, group, investment banking, a comprehensive solution. The program supports multi-currency, multi-language and multi-entity operations. A remote security vulnerability exists ...