7676 matches found
Windows Graphics Component Remote Code Execution Vulnerability
A remote code execution vulnerability exists due to the way the Windows Graphics Component handles objects in memory. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or creat...
Win32k Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...
SAP Business Objects DS Open redirect
Application: SAP BO DS Versions Affected: SAP BO DS 4.2 Vendor URL: SAP Bug: Open Redirect Reported: 13.12.2016 Vendor response: 14.12.2016 Date of Public Advisory: 13.06.2017 Reference: SAP Security Note 2472026 Authors: Nursultan Abubakirov ERPScan VULNERABILITY INFORMATION Class: CWE-601 Impac...
Adobe Flash Player Worker Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Work...
Microsoft Windows CLFS Driver Information Disclosure (MS16-153: CVE-2016-7295)
An elevation of privilege vulnerability exists in the Windows Common Log File System CLFS driver of Microsoft Windows. The vulnerability is due to the way Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run processes in an elevated...
Adobe Flash PSDK Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PSDK...
elfutils: Heap-based buffer overflow
Background Elfutils provides a library and utilities to access, modify and analyse ELF objects. Description An integer overflow, in the checksection function of dwarfbeginelf.c, in the libdw library can lead to a heap-based buffer overflow. Impact A remote attacker could entice a user to open a...
Debian DLA-733-1 : openafs security update
It was discovered that there was an information leak vulnerability in openafs, a distributed filesystem. Due to incomplete initialization or clearing of reused memory, OpenAFS directory objects are likely to contain 'dead' directory entry information. For Debian 7 'Wheezy', this issue has been...
Simple App to-end security vulnerability of the backup function is enabled and a local denial of service vulnerability-vulnerability warning-the black bar safety net
The last description about the App end to sensitive information leaks, then the App end what security vulnerability is worth the developers food for thought and attention? When an App installed in A mobile phone, the user Joe Smith to login through the App, the login data is stored in the mobile...
CVE-2016-9372
In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. This was addressed in plugins/profinet/packet-pn-rtc-one.c by rejecting input with too many I/O objects...
UBUNTU-CVE-2016-9372
In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. This was addressed in plugins/profinet/packet-pn-rtc-one.c by rejecting input with too many I/O objects...
CVE-2016-9372
In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. This was addressed in plugins/profinet/packet-pn-rtc-one.c by rejecting input with too many I/O objects...
Win32k elevation of privilege vulnerability MS16-135)(CVE-2016-7255)
If the Windows kernel-mode drivers do not properly handle objects in memory, then there will be multiple elevation of Privilege vulnerabilities. Successful exploitation of this vulnerability an attacker can run in kernel mode arbitrary code. An attacker could then install programs; view, change, ...
Microsoft Office PowerPoint Viewer Remote Code Execution Vulnerability (3199168)
This host is missing an important security update according to Microsoft Bulletin MS16-133. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Windows Local Elevation of Privilege Vulnerability (CNVD-2016-10978)
Microsoft Windows is the popular computer operating system. An elevation of privilege vulnerability exists in the implementation of the Windows Common Log File System CLFS driver that does not properly handle memory objects. Successful exploitation could allow an attacker to run processes with...
Microsoft Windows Local Elevation of Privilege Vulnerability (CNVD-2016-10980)
Microsoft Windows is the popular computer operating system. An elevation of privilege vulnerability exists in the implementation of the Windows Common Log File System CLFS driver that does not properly handle memory objects. Successful exploitation could allow an attacker to run processes with...
Microsoft Windows Local Elevation of Privilege Vulnerability (CNVD-2016-10977)
Microsoft Windows is the popular computer operating system. An elevation of privilege vulnerability exists in the implementation of the Windows Common Log File System CLFS driver that does not properly handle memory objects. Successful exploitation could allow an attacker to run processes with...
Microsoft Windows Local Elevation of Privilege Vulnerability (CNVD-2016-11013)
Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in the Windows Common Log File System CLFS driver that does not properly handle memory objects. An attacker could be allowed to exploit the vulnerability t...
Windows Bowser.sys Information Disclosure Vulnerability
An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose contents of System memory to which they should not have access. ...
Windows Common Log File System Driver Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Common Log File System CLFS driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have...