UBUNTU-CVE-2016-1678

objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted JavaScript code...

PowerFolder Server 10.4.321 - Remote Code Execution

Mogwai Security Advisory MSA-2016-01 ---------------------------------------------------------------------- Title: PowerFolder Remote Code Execution Vulnerability Product: PowerFolder Server Affected versions: 10.4.321 Linux/Windows Other version might be also affected Impact: high Remote: yes...

Apache TomEE 1.x < 1.7.4 / 7.x < 7.0.0-M3 Multiple RCE

Binary data 9323.prm...

HPE Release Control Apache Commons Collections Arbitrary Code Execution Vulnerability

HPE Release Control is a set of decision support solutions.Apache Commons Collections is a component in Commons Proper of the Apache Commons project that extends or adds to the Java collections framework. An unspecified security vulnerability in ACC for HPE Release Control allows remote attackers...

(Pwn2Own) Apple Safari ArrayStorage DFG Optimization Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information

The vulnerability of the Android operating system’s media server is related to the improper initialization of certain data structures. Exploiting this vulnerability allows a malicious actor to obtain confidential information through a specially created application, which is associated with the...

Adobe ColdFusion Arbitrary Command Execution Vulnerability

Adobe ColdFusion is the United States of America Audobee Adobe a dynamic Web server products, which runs the CFML ColdFusion Markup Language is a programming language for Web applications. A command execution vulnerability exists in Adobe ColdFusion. A remote attacker can exploit this vulnerabili...

Adobe ColdFusion Multiple Vulnerabilities (APSB16-16) (credentialed check)

The version of Adobe ColdFusion running on the remote Windows host is missing a security hotfix. It is, therefore, affected by multiple vulnerabilities : - A cross-site scripting vulnerability exists due to improper validation of user-supplied input. An attacker can exploit this to execute...

Microsoft Chakra JavaScript Scripting Engine Memory Corruption Vulnerability (CNVD-2016-03020)

Microsoft Edge is a web browser developed by Microsoft and is the default browser that comes with the Windows 10 operating system.Chakra JScript engine is a JavaScript engine component used by IE and Edge web browser. A memory corruption vulnerability exists in the way the Microsoft Chakra...

Microsoft Windows win32k elevation of privilege vulnerability (CNVD-2016-03100)

Microsoft Windows is a series of operating systems released by Microsoft USA. win32k.sys is the kernel part of the Windows subsystem, a kernel-mode device driver, which contains a window manager, background control windows and screen output management. An elevation of privilege vulnerability exis...

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

KLA10806 Multiple vulnerabilities in Microsoft Internet Explorer and Edge

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities 1. An improper memory...

Adobe Acrobat Pro DC WillSave OCG Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

Xerces DTDScanner Memory Misreference Vulnerability

Xerces is the United States Apache Apache Software Foundation of an open source XML document parsing project , but also an open source XML syntax parser , it is currently available in a variety of languages , including JAVA, C++, PERL, COM and so on. A memory misreference vulnerability exists in...

KLA10804 Code execution vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities 1. An improper memory objects handling can be exploited remotely via a specially designed content; 2. An...

HPE Network Node Manager Arbitrary Command Execution Vulnerability

HP Network Node Manager i-series NNMi software delivers powerful out-of-the-box features to help your network operations team efficiently manage networks of any size. An arbitrary command execution vulnerability exists in HPE Network Node Manager i NNMi versions 9.20, 9.23, 9.24, 9.25, 10.00,...

CVE-2016-2009

HPE Network Node Manager i NNMi 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections ACC library...

Samsung's SmartThings platform is explosive new vulnerabilities, can trigger the fire alarm-vulnerability warning-the black bar safety net

The researchers found that Samsung's SmartThings platform, there are multiple vulnerabilities for the attacker to invade a victim's home the door open. ! Security research team found in Samsung SmartThings platform in the presence of a plurality of security vulnerability for the network attacker ...