Lucene search
K

3832 matches found

Zero Day Initiative
Zero Day Initiative
added 2016/03/08 12:0 a.m.26 views

Microsoft Internet Explorer SNeighborPosition Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

5.1CVSS2.7AI score0.16763EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/03/07 3:22 a.m.8 views

chromium-browser: LayoutBlock.cpp in Blink does not properly determine when anonymous block wrappers may exist

WebKit/Source/core/layout/LayoutBlock.cpp in Blink, as used in Google Chrome before 49.0.2623.75, does not properly determine when anonymous block wrappers may exist, which allows remote attackers to cause a denial of service incorrect cast and assertion failure or possibly have unspecified other...

9.3CVSS7.5AI score0.02121EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2016/02/24 12:0 a.m.5 views

The vulnerability of the Flash Player and Adobe Integrated Runtime software allows attackers to bypass the ASLR protection mechanism.

The vulnerability of the Flash Player and Adobe Integrated Runtime programming platforms is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass the ASLR protection mechanism by using JIT data...

4.3CVSS7.7AI score0.04978EPSS
Exploits0References3Affected Software2
seebug.org
seebug.org
added 2016/02/17 12:0 a.m.250 views

glibc getaddrinfo 栈缓冲区溢出漏洞(CVE-2015-7547)

漏洞概要 Glibc是GNU发布的LIBC库的C运行库,Glibc是Linux系统中最底层的API,基本其它任何运行库都会依赖于Glibc。Glibc除了封装Linux操作系统所提供的系统服务外,还提供了其它的必要服务的实现。由于 Glibc 几乎包含所有的 UNIX 通行的标准,可以说是操作系统重要支撑库。 Glibc中的 DNS...

6.8CVSS8.3AI score0.89557EPSS
Exploits17
CNVD
CNVD
added 2016/02/11 12:0 a.m.2 views

Microsoft Edge Security Mechanism Bypass Vulnerability

Microsoft Edge is a web browser developed by Microsoft USA and is the default browser that comes with the Windows 10 operating system. A security mechanism bypass vulnerability exists in Microsoft Edge mishandles exceptions during window-message dispatch operations, allowing remote attackers to...

4.3CVSS6.6AI score0.15383EPSS
Exploits0References1
Amazon
Amazon
added 2016/02/09 12:0 a.m.61 views

Important: java-1.8.0-openjdk

Issue Overview: An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass...

10CVSS8.3AI score0.14714EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/02/08 12:0 a.m.4 views

The vulnerability of the McAfee VirusScan Enterprise anti-virus software allows a hacker to bypass both DEP and ASLR protection mechanisms.

The vulnerability of the McAfee VirusScan Enterprise antivirus software is related to the allocation of memory with read, write, and execute permissions at certain addresses on a 32-bit platform, during the protection of external applications. Exploiting this vulnerability could allow an attacker...

2.6CVSS5.6AI score0.00416EPSS
Exploits0References4
CNVD
CNVD
added 2016/01/15 12:0 a.m.3 views

Microsoft Windows Security Mechanism Bypass Vulnerability (CNVD-2016-00252)

Microsoft Windows is a popular operating system. A security bypass vulnerability exists in Microsoft Windows Graphics Device Interface GDI32.dll, which can be exploited by remote attackers to bypass the ASLR protection mechanism and perform unauthorized operations...

4.3CVSS6.8AI score0.13841EPSS
Exploits0References1
OSV
OSV
added 2016/01/13 5:59 a.m.4 views

CVE-2016-0012

Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 20...

4.3CVSS5.8AI score0.11195EPSS
Exploits0References2
OSV
OSV
added 2016/01/13 5:59 a.m.4 views

CVE-2016-0008

The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "Windo...

4.3CVSS6.1AI score0.13841EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2016/01/13 12:0 a.m.129 views

Microsoft Visual Basic ASLR Bypass Vulnerability (3124585)

This host is missing an important security update according to Microsoft Bulletin MS16-004. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS5.2AI score0.11195EPSS
Exploits0References2
Kaspersky
Kaspersky
added 2016/01/12 12:0 a.m.54 views

KLA10738 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions or execute arbitrary code. Below is a complete list of vulnerabilities 1. Improper memory objects handling can be exploited remotely via a...

9.3CVSS7.4AI score0.22688EPSS
Exploits0References30
CNVD
CNVD
added 2015/12/20 12:0 a.m.3 views

McAfee VirusScan Enterprise Buffer Overflow Protection Security Bypass Vulnerability

McAfee VirusScan Enterprise is a suite of antivirus software that provides a full range of security, scans memory for malicious code and optimizes updates for remote systems. A security vulnerability in the McAfee VirusScan Enterprise Buffer Overflow Protection BOP feature allocates memory with...

2.6CVSS7AI score0.00416EPSS
Exploits0References1
CNVD
CNVD
added 2015/12/11 12:0 a.m.2 views

Microsoft Silverlight Security Mechanism Bypass Vulnerability

Microsoft Silverlight is a cross-browser, cross-platform .NET implementation for building media experiences and interactive applications for the Web. A security mechanism bypass vulnerability exists in Microsoft Silverlight that allows remote attackers to pass through the ASLR protection mechanis...

4.3CVSS6.8AI score0.16634EPSS
Exploits0References1
CNVD
CNVD
added 2015/12/10 12:0 a.m.3 views

Microsoft Browser ASLR Bypass Vulnerability

Microsoft Internet Explorer and Microsoft Edge are both web browsers developed by the American company Microsoft. The former is the default browser that comes with operating systems before Windows 10. The latter is the default browser that comes with the latest operating system, Windows 10. A...

4.3CVSS6.8AI score0.19747EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2015/12/08 12:0 a.m.3 views

PT-2015-3014

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 7 through 11 Microsoft Edge Description A security feature bypass exists when Microsoft Edge and Internet Explorer fail to use the Address Space Layout Randomization ASLR security feature, allowing an...

4.3CVSS7.7AI score0.19747EPSS
Exploits0References11
BDU FSTEC
BDU FSTEC
added 2015/11/26 12:0 a.m.5 views

The vulnerabilities in browsers Internet Explorer and Microsoft Edge allow attackers to bypass the ASLR protection mechanism.

The vulnerability of Internet Explorer and Microsoft Edge is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass the ASLR protection mechanism by using a specially created website...

4.3CVSS5.4AI score0.31029EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/11/26 12:0 a.m.4 views

The vulnerability of the Windows operating system, which allows a hacker to bypass the KASLR security mechanism

The vulnerability of the Windows operating system’s kernel is related to the lack of protection for service data. Exploiting this vulnerability allows a local attacker to bypass the KASLR protection mechanism through a specially crafted application...

2.1CVSS5.4AI score0.041EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2015/11/25 9:15 p.m.2 views

ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

10CVSS7.2AI score0.07514EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/11/23 12:56 p.m.6 views

ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

10CVSS7.2AI score0.07514EPSS
Exploits0References5
Rows per page
Query Builder