Oracle E-Business Suite Remote Security Vulnerability (CNVD-2017-00641)

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A remote vulnerability exists in Oracle iStore for...

Unspecified Vulnerability in Oracle FLEXCUBE Universal Banking (CNVD-2017-00944)

Oracle FLEXCUBE Universal Banking is the United States Oracle Oracle company's set of real-time, online coverage of retail, group, investment banking, a comprehensive solution. The program supports multi-currency, multi-language and multi-entity operations. A remote security vulnerability exists ...

Oracle E-Business Suite Remote Security Vulnerability (CNVD-2017-00638)

Oracle E-Business Suite is a suite of fully integrated, global business management software from Oracle Corporation. Oracle Common Applications also known as Oracle Common Application Calendar, CAC is one of the components that can simplify the management of daily activities, appointments, and...

CVE-2016-5221

Type confusion in libGLESv2 in ANGLE in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android possibly allowed a remote attacker to bypass buffer validation via a crafted HTML page...

PYSEC-2017-93

A HTTP/2 implementation built using any version of the Python priority library prior to version 1.2.0 could be targeted by a malicious peer by having that peer assign priority information for every possible HTTP/2 stream ID. The priority tree would happily continue to store the priority informati...

w3m denial of service vulnerability (CNVD-2016-13128)

w3m is an open source text-based Web browser . A security vulnerability exists in versions prior to w3m 0.5.3-33. Allows remote attackers to cause a denial of service via a crafted HTML page...

w3m denial of service vulnerability (CNVD-2016-13124)

w3m is an open source text-based Web browser . A security vulnerability exists in versions of w3m prior to 0.5.3-33. A remote attacker can exploit this vulnerability to cause a denial of service segmentation error and crash with the help of specially crafted HTML pages...

Cisco Jabber Guest Server Open Redirect Vulnerability

Cisco Jabber Guest Server is the United States of America Cisco Cisco company's set of users to interact with the enterprise staff in real time software. A security vulnerability exists in Cisco Jabber Guest Server, which arises from the program's failure to adequately enforce access controls on...

CVE-2016-6845

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Script code within hyperlinks at HTML E-Mails is not getting correctly sanitized when using base64 encoded "data" resources. This allows an attacker to provide hyperlinks that may execute script code instead of directing to a...

CVE-2016-4026

An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The content sanitizer component has an issue with filtering malicious content in case invalid HTML code is provided. In such cases the filter will output a unsanitized representation of the content. Malicious script code can...

CVE-2016-9205

A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon emsd to crash, resulting in a denial of service DoS condition. More Information: CSCvb14425. Known Affected Releases:...

Cisco IOS XR Software Denial of Service Vulnerability (CNVD-2016-12410)

Cisco IOS is the interconnected Internet operating system used on most Cisco Systems routers and network switches. A denial of service vulnerability exists in Cisco IOS XR Software's handling of HTTP 2.0 requests, which allows remote attackers to exploit the vulnerability by submitting a special...

DEBIAN-CVE-2016-9633

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service infinite loop and resource consumption via a crafted HTML page...

DEBIAN-CVE-2016-9631

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service segmentation fault and crash via a crafted HTML page...

DEBIAN-CVE-2016-9625

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page...

DEBIAN-CVE-2016-9622

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service segmentation fault and crash via a crafted HTML page...

DEBIAN-CVE-2016-9423

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in w3m allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted HTML page...

UBUNTU-CVE-2016-9631

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service segmentation fault and crash via a crafted HTML page...

chromium-browser: file download protection bypass

Google Chrome prior to 55.0.2883.75 for Windows mishandled downloaded files, which allowed a remote attacker to prevent the downloaded file from receiving the Mark of the Web via a crafted HTML page...

w3m buffer overflow vulnerability

w3m is an open source text-based Web browser . A buffer overflow vulnerability exists in versions of w3m prior to 0.5.3-31. An attacker can exploit this vulnerability to execute arbitrary code with the help of malformed html tags...