7670 matches found
The vulnerability of the Flash Player software, which allows a perpetrator to execute arbitrary code
The vulnerability of the NetConnection class in the Flash Player software platform is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by accessing the associated script objects...
Microsoft Windows 8.1 (x64) RGNOBJ Integer Overflow
include include include include include include include HANDLE hWorker, hManager; BYTE bits; //dt nt!EPROCESS UniqueProcessID ActiveProcessLinks Token typedef struct DWORD UniqueProcessIdOffset; DWORD TokenOffset; VersionSpecificConfig; VersionSpecificConfig gConfig = 0x2e0, 0x348 ; //win 8.1 voi...
Microsoft Windows ADO Recordset GetRows Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Windows ADO Recordset Update Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Mozilla Firefox < 50.1 Multiple Vulnerabilities
Binary data 9851.prm...
Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098)
Microsoft Windows 8.1 x64 - RGNOBJ Integer Overflow MS16-098 // Source: https://github.com/sensepost/ms16-098/tree/b85b8dfdd20a50fc7bc6c40337b8de99d6c4db80 // Binary: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/41020.exe include include include include inclu...
[SECURITY] Fedora 24 Update: tracker-1.8.2-1.fc24
Tracker is a powerful desktop-neutral first class object database, tag/metadata database, search tool and indexer. It consists of a common object database that allows entities to have an almost infinite number of properties, metadata both embedded/harvested as well as user definable, a...
Fuzzer for Individual Method Parameters: RamFuzz
Fuzzer for Individual Method Parameters RamFuzz is a fuzzer for individual method parameters in unit tests. A unit test can use RamFuzz to generate random parameter values for methods under test. The values are logged, and the log can be replayed to repeat the exact same test scenario. But RamFuz...
The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code
The vulnerability of the NetConnection class in the Flash Player software platform is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by accessing the associated script objects...
Microsoft Internet Explorer 9 - IEFRAME CMarkupPointer::MoveToGap Use-After-Free
Microsoft Internet Explorer 9 - IEFRAME CMarkupPointer::MoveToGap Use-After-Free !-- Source: http://blog.skylined.nl/20161215001.html Synopsis A specially crafted web-page can trigger a use-after-free vulnerability in Microsoft Internet Explorer 9. The use appears to happen only once almost...
JFrog Artifactory Arbitrary Code Execution Vulnerability
JFrog Artifactory is an open source, general-purpose Artifact repository manager from Israel's JFrog that supports clustering and high-availability Docker registries and provides an end-to-end automation solution for tracking artifacts from development to production. A security vulnerability exis...
CVE-2016-7872
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class related to objects at multiple presentation levels. Successful exploitation could lead to arbitrary code execution...
WordPress Plugin Google Analytics Counter Tracker PHP Object Injection Vulnerability
WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . WordPress plugin Google Analytics Counter Tracker has a PHP object injection vulnerability, the vulnerability...
Windows Graphics Component Remote Code Execution Vulnerability
A remote code execution vulnerability exists due to the way the Windows Graphics Component handles objects in memory. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or creat...
Windows Common Log File System Driver Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Common Log File System CLFS driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have...
Win32k Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...
SAP Business Objects DS Open redirect
Application: SAP BO DS Versions Affected: SAP BO DS 4.2 Vendor URL: SAP Bug: Open Redirect Reported: 13.12.2016 Vendor response: 14.12.2016 Date of Public Advisory: 13.06.2017 Reference: SAP Security Note 2472026 Authors: Nursultan Abubakirov ERPScan VULNERABILITY INFORMATION Class: CWE-601 Impac...
Adobe Flash Player Worker Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Work...
Microsoft Windows CLFS Driver Information Disclosure (MS16-153: CVE-2016-7295)
An elevation of privilege vulnerability exists in the Windows Common Log File System CLFS driver of Microsoft Windows. The vulnerability is due to the way Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run processes in an elevated...
Adobe Flash PSDK Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PSDK...