7668 matches found

BDU FSTEC
added 2016/07/05 12:0 a.m., 0 views

A vulnerability in the Internet Explorer browser that allows a malicious individual to execute arbitrary code or trigger a service failure.

The Internet Explorer browser contains a vulnerability related to the use of memory after its release (a use-after-free error) when processing C Markup objects. This vulnerability allows attackers to execute arbitrary code or cause a service failure through a specially created website...

CVSS: 9.3 | AI score: 7.7 | EPSS: 0.20908
Exploits: 1 | References: 3 | Affected Software: 1

BDU FSTEC
added 2016/07/05 12:0 a.m., 1 view

The vulnerability of the SeaMonkey software package allows a malicious attacker to trigger a service failure or execute arbitrary code.

The SeaMonkey software contains a vulnerability in the nsXBLProtoImpl::InstallImplementation function. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or trigger a service failure using JavaScript, which processes XBL objects in the same way as XBL...

CVSS: 10 | AI score: 7.6 | EPSS: 0.06412
Exploits: 1 | References: 4

BDU FSTEC
added 2016/07/05 12:0 a.m., 0 views

The vulnerability of the Thunderbird email client allows a remote attacker to trigger a service failure or execute arbitrary code.

Mozilla Thunderbird’s software contains a vulnerability in the function nsXBLProtoImpl::InstallImplementation. Exploiting this vulnerability allows an attacker to execute arbitrary code or trigger a service failure using JavaScript, which processes XBL objects in the same manner as XBL itself...

CVSS: 10 | AI score: 7.5 | EPSS: 0.06412
Exploits: 1 | References: 4 | Affected Software: 1

BDU FSTEC
added 2016/07/05 12:0 a.m., 0 views

A vulnerability in the Internet Explorer browser that allows a malicious actor to execute arbitrary code

The Internet Explorer browser contains a vulnerability related to the processing of VBScript objects stored in memory. Exploiting this vulnerability allows a malicious individual to execute arbitrary code in the context of the current user. If a user with administrative privileges accesses the...

CVSS: 9.3 | AI score: 6 | EPSS: 0.43181
Exploits: 1 | References: 3 | Affected Software: 1

BDU FSTEC
added 2016/07/05 12:0 a.m., 0 views

A vulnerability in the Internet Explorer browser that allows a malicious individual to execute arbitrary code or trigger a service failure.

The Internet Explorer browser contains a vulnerability related to the use of memory after its release (a use-after-free error) when processing C Markup objects. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely or cause a service failure...

CVSS: 9.3 | AI score: 7.6 | EPSS: 0.22762
Exploits: 1 | References: 3 | Affected Software: 1

BDU FSTEC
added 2016/07/05 12:0 a.m., 0 views

A vulnerability in the Internet Explorer browser that allows a malicious actor to execute arbitrary code

The Internet Explorer browser contains a vulnerability related to array indexing, which arises due to insufficient validation of data entered by users when working with CSS objects. Exploiting this vulnerability allows malicious actors to execute arbitrary code through a specially created website...

CVSS: 9.3 | AI score: 5.9 | EPSS: 0.32615
Exploits: 1 | References: 3 | Affected Software: 1

Prion
added 2016/07/03 1:59 a.m., 17 views

Stack overflow

Multiple stack-based buffer overflows in COM objects in Micro Focus Rumba 9.4.x before 9.4 HF 13960 allow remote attackers to execute arbitrary code via (1) the NetworkName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, (2) the CPName property value to...

CVSS: 10 | AI score: 8.4 | EPSS: 0.47343
Exploits: 1 | References: 4 | Affected Software: 1

CVE
added 2016/07/03 1:0 a.m., 47 views

CVE-2016-1606

The CVE-2016-1606 entry concerns Micro Focus Rumba/Rumba+ 9.4.x prior to 9.4 HF 13960, where multiple stack-based buffer overflows in COM objects allow remote code execution. Affected components include iconfig.dll (NetworkName, CPName), ProfEdit.dll (PrinterName, LUName), FtxBIFF.dll (WriteRecor...

CVSS: 10 | AI score: 9.8 | EPSS: 0.47343
Exploits: 1 | References: 4 | Affected Software: 1

CNVD
added 2016/06/24 12:0 a.m., 2 views

Ruby 'Fiddle::Function.new' function heap buffer overflow vulnerability

Ruby is a cross-platform, object-oriented, dynamically typed programming language developed by Japanese software developer Yukihiro Matsumoto. A heap buffer overflow vulnerability exists in the 'Fiddle::Function.new' function in Ruby versions 2.3.0 dev and 2.2.2. The vulnerability can be exploite...

CVSS: 9.8 | AI score: 8.9 | EPSS: 0.00831
Exploits: 2 | References: 1

BDU FSTEC
added 2016/06/17 12:0 a.m., 1 view

A vulnerability in the V8 browser kernel that allows a hacker to trigger a service failure or cause other effects

The vulnerability of the objects.cc component in the V8 browser kernel arises due to incorrect restrictions on optimization. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures or other effects by using specially crafted JavaScript code...

CVSS: 6.8 | EPSS: 0.01141
Exploits: 0 | References: 4 | Affected Software: 2

OpenVAS
added 2016/06/16 12:0 a.m., 31 views

Microsoft Office Remote Code Execution Vulnerability (3163610) - Mac OS X

This host is missing a critical security update according to Microsoft Bulletin MS16-070. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS: 9.3 | AI score: 7.5 | EPSS: 0.26865
Exploits: 0 | References: 2

OpenVAS
added 2016/06/15 12:0 a.m., 52 views

Microsoft Edge Multiple Vulnerabilities (3163656)

This host is missing a critical security update according to Microsoft Bulletin MS16-068. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...

CVSS: 9.3 | AI score: 6.4 | EPSS: 0.67453
Exploits: 1 | References: 3

Microsoft CVE
added 2016/06/14 7:0 a.m., 53 views

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

CVSS: 7.8 | AI score: 3.5 | EPSS: 0.12622
Exploits: 1

CNVD
added 2016/06/13 12:0 a.m., 2 views

HPE Discovery and Dependency Mapping Inventory Arbitrary Command Execution Vulnerability

HPE Discovery and Dependency Mapping Inventory (DDMi) is a Hewlett Packard Enterprise (HPE) solution for automating the discovery and logging of client device information to help IT departments manage and control costs and risks. Apache Commons Collections (ACC) is a U.S. Apache Apache Software...

CVSS: 8.8 | AI score: 7.7 | EPSS: 0.00477
Exploits: 0 | References: 1

CNVD
added 2016/06/12 12:0 a.m., 2 views

HPE Universal CMDB Arbitrary Code Execution Vulnerability

HPE Universal CMDB is the Universal Management Configuration Database (UCMDB) of Hewlett Packard Enterprise (HPE), USA. An arbitrary code execution vulnerability exists in HPE Universal CMDB versions 10.0 through 10.21, Universal CMDB Configuration Manager versions 10.0 through 10.21, Universal...

CVSS: 9.8 | AI score: 8.4 | EPSS: 0.01216
Exploits: 0 | References: 1

Ubuntu
added 2016/06/10 5:28 a.m., 75 views

USN-2997-1: Linux kernel (OMAP4) vulnerabilities

Jann Horn discovered that eCryptfs improperly attempted to use the mmap handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with...

CVSS: 10 | AI score: 6.8 | EPSS: 0.12798
Exploits: 33

BDU FSTEC
added 2016/06/09 12:0 a.m., 0 views

A vulnerability in the PHP interpreter that allows a hacker to trigger a service failure

The vulnerability of the function in the Zend/zendexceptions.c interpreter of PHP exists due to the lack of checks for certain Exception objects. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause a service failure such as reassigning a null pointer or...

CVSS: 7.5 | EPSS: 0.12237
Exploits: 1 | References: 3 | Affected Software: 1

OSV
added 2016/06/08 3:0 p.m., 2 views

CVE-2016-4369

HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library...

CVSS: 8.8 | AI score: 6
Exploits: 0 | References: 1

Check Point Advisories
added 2016/06/06 12:0 a.m., 2 views

Adobe Acrobat Reader Use-After-Free (APSB16-14: CVE-2016-1061)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

CVSS: 10 | AI score: 3.2 | EPSS: 0.02457
Exploits: 1

Tenable Nessus
added 2016/06/06 12:0 a.m., 35 views

Red Hat JBoss Operations Network Java Object Deserialization RCE

The remote Red Hat JBoss Operations Network server is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Jython library. An unauthenticated, remote attacker can exploit this, by sending specially crafted Java objects to the HTT...

CVSS: 9.8 | AI score: 8.9 | EPSS: 0.00609
Exploits: 0 | References: 3