UBUNTU-CVE-2017-8807

vbfstperror in bin/varnishd/cache/cachefetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFPGetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore...

CVE-2017-8807

vbfstperror in bin/varnishd/cache/cachefetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFPGetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore...

CVE-2017-8807

vbfstperror in bin/varnishd/cache/cachefetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFPGetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore...

Unsafe objects can be loaded from Redis

Redis-store =v1.3.0 allows unsafe objects to be loaded from Redis via the use of the Marshal serializer...

UBUNTU-CVE-2014-4000

Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserializestripslashes...

Information disclosure

The Windows kernel component on Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709, allows an information disclosure vulnerability when it...

Information disclosure

Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to run a specially crafted application and obtain information to further compromise the user's...

CVE-2017-11851

The Windows kernel component on Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709, allows an information disclosure vulnerability when it...

CVE-2017-11788

Windows Search in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows server, version 1709 allows an unauthenticated attacker to remotely send specially crafted messages...

CVE-2017-11845

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Edge handles objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability"...

CVE-2017-11847

Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to run arbitrary code in kernel mode, install programs, view,...

CVE-2017-7831

A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated "exposedProps" mechanism on proxy objects. These properties should be explicitly unavailable to proxy objects. This vulnerability affects Firefox 57...

SAP Business Objects Platform Enterprise Denial of Service Vulnerability

SAP Business Objects Platform Enterprise is the enterprise version of a suite of business intelligence software and enterprise performance management platform from SAP, Germany. The program provides reporting, performance management and data base and other functions. A denial of service...

Microsoft Office Compatibility Pack Service Pack 3 Multiple Vulnerabilities (KB4011265)

This host is missing an important security update according to Microsoft KB4011265 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft Windows Multiple Vulnerabilities (KB4048955)

This host is missing a critical security update according to Microsoft KB4048955 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

UBUNTU-CVE-2017-7831

A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated "exposedProps" mechanism on proxy objects. These properties should be explicitly unavailable to proxy objects. This vulnerability affects Firefox 57...

Windows GDI Information Disclosure Vulnerability

A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker...

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...

Scripting Engine Information Disclosure Vulnerability

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. In a web-based attack scenario, an...

Windows GDI Information Disclosure Vulnerability

A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker...