Microsoft Internet Explorer XSS Filter Vulnerability
Microsoft Internet Explorer (IE) is a web browser developed by the American company Microsoft and is the default browser that comes with the Windows operating system. A remote code execution vulnerability exists in the XSS filter of Microsoft IE versions 9 through 11, which stems from the program's...
Internet Explorer XSS Filter Vulnerability
A remote code execution vulnerability exists when the Internet Explorer XSS Filter does not properly validate JavaScript under specific conditions. An attacker who exploited the vulnerability could run arbitrary code with medium-integrity level privileges (the permissions of the current user). In a...
Microsoft Edge Elevation of Privilege Vulnerability
Microsoft Edge is the web browser built into Windows 10. Microsoft Edge suffers from an elevation of privilege vulnerability in its implementation due to the program failing to properly validate JavaScript. A remote attacker could exploit this vulnerability to run scripts with elevated...
MS16-038: Cumulative Security Update for Microsoft Edge (3148532)
The version of Microsoft Edge installed on the remote host is missing Cumulative Security Update 3148532. It is, therefore, affected by multiple vulnerabilities: - Multiple remote code execution vulnerabilities exist due to improper handling of objects in memory. An attacker can exploit these...
firefox: multiple issues
CVE-2015-2708 Memory safety bugs fixed in Firefox ESR 31.7 and Firefox 38: Jesse Ruderman, Mats Palmgren, Byron Campen, and Steve Fink reported memory safety problems and crashes that affect Firefox ESR 31.6 and Firefox 37. - CVE-2015-2709 Memory safety bugs fixed in Firefox 38: Gary Kwong,...
Out-of-bounds read and write in asm.js validation — Mozilla
Security researcher Dougall Johnson reported an out-of-bounds read and write in asm.js during JavaScript validation due to an error in how heap lengths are defined. This results in a potentially exploitable crash and could allow for the reading of random memory which may contain sensitive data...
Accuenergy Acuvim II AXM-NET 3.04 Multiple Vulnerabilities
Binary data 8577.prm...
Accuenergy Acuvim II AXM-NET 3.04 Multiple Vulnerabilities
Binary data 7162.pasl...
TRENDnet TEW-634GRU 1.00.23 - Multiple Vulnerabilities
No description provided by source. Title: TRENDnet TEW-634GRU 1.00.23 Multiple Vulnerabilities Author: SirGod Website: www.rstforums.com Vendor Homepage: http://www.trendnet.com/ Version: 1.00.23 1. Local file disclosure The router has the TFTP service enabled by default and it can be accessed...
TRENDnet TEW-634GRU 1.00.23 Disclosure / DoS / Privilege Escalation
Title: TRENDnet TEW-634GRU 1.00.23 Multiple Vulnerabilities Author: SirGod Website: www.rstforums.com Vendor Homepage: http://www.trendnet.com/ Version: 1.00.23 1. Local file disclosure The router has the TFTP service enabled by default and it can be accessed without any prior authentication sinc...
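ThinkSNS V3 Arbitrary Deletion of Comments, Weibo Posts and Reposts Vulnerability
Brief description: I registered on v3 today to test its features and found that v3 has many problems, mainly that permissions are not verified; validation is done only in JS. Test screenshots follow. Details: Before deletion: During deletion: modify the uid and the Weibo ID. After deletion: Proof of vulnerability:...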
Conceptronic GrabnGo and Sitecom Storage Center - Password Disclosure
Conceptronic GrabnGo and Sitecom Storage Center - Password Disclosure Updated to include Sitecom MD-253 and MD254 Minor textual changes == Conceptronic Grab’n’Go and Sitecom Storage Center - Password disclosure Vulnerability - Security Advisory AA-002 Severity Rating: High Discovery Date: May 5,...
Being the top academic system in the latest sql injection vulnerability fix-bug warning-the black bar safety net
You also again for the exam hanging branches and trouble? you also then for College how to sister phone and tangled? -, do you want to quickly find a school of nice girl?, then please see below 1. Classroom query at sql injection, as shown in Figure ! 1 union select NULL,owner from alltables brok...
ZeeCareers 2.0 (addadminmembercode.php) Add Admin Exploit
Exploit for unknown platform in category web applications ========================================================= ZeeCareers 2.0 addadminmembercode.php Add Admin Exploit ========================================================= ZeeCareers v2.0 addadminmembercode.php Add Admin function...
EUVD-2007-0131
The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createSVGTransformFromMatrix request, which allows remote attackers to execute arbitrary code via JavaScript code that uses an invalid object in this request that causes a controlled pointer to be...
CVE-2003-0284
Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus...