7668 matches found
CVE-2015-7078
Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects...
Design/Logic Flaw
Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects...
CVE-2015-7078
CVE-2015-7078 is a use-after-free vulnerability in the Apple OS X Hypervisor before 10.11.2. The issue stems from a use-after-free in the hypervisor driver when handling VM objects, enabling a local attacker to gain kernel/privilege level access. Affected product: OS X (pre-10.11.2) . Impact per ...
CVE-2015-7078
Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects...
Foxit PhantomPDF App Memory Misreference Vulnerability
Foxit PhantomPDF is a practical PDF solution. Foxit PhantomPDF has a memory misreference vulnerability in the handling of App objects, and constructed PDF documents can be forced to have released the hanging pointer to be re-utilized. An attacker exploiting this vulnerability could execute...
JBoss Java Object Deserialization RCE
The remote JBoss server is affected by multiple remote code execution vulnerabilities : - A flaw exists due to the JMXInvokerHAServlet and EJBInvokerHAServlet invoker servlets not properly restricting access to profiles. A remote attacker can exploit this issue to bypass authentication and invoke...
Microsoft Windows Media Center Library - Parsing Remote Code Execution aka 'self-executing' MCL File
Title: Microsoft Windows Media Center Library Parsing RCE Vuln aka "self-executing" MCL file CVE-2015-6131 Software Vendor: Microsoft Software version : MS Windows Media Center latest version on any Windows OS. Software Vendor Homepage: http://www.microsoft.com CVE: CVE-2015-6131 Exploit Author:...
Microsoft Windows Media Center Library - Parsing Remote Code Execution aka self-executing MCL File
Microsoft Windows Media Center Library - Parsing Remote Code Execution aka self-executing MCL File Title: Microsoft Windows Media Center Library Parsing RCE Vuln aka "self-executing" MCL file CVE-2015-6131 Software Vendor: Microsoft Software version : MS Windows Media Center latest version on any...
Microsoft Windows Media Center Library Parsing RCE Vulnerability aka "self-executing" MC
Exploit for windows platform in category remote exploits Title: Microsoft Windows Media Center Library Parsing RCE Vuln aka "self-executing" MCL file CVE-2015-6131 Software Vendor: Microsoft Software version : MS Windows Media Center latest version on any Windows OS. Software Vendor Homepage:...
Microsoft Internet Explorer Scripting Engine Information Disclosure (MS15-124: CVE-2015-6135)
An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way VBScript engine manipulates BSTR objects. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...
Microsoft Windows JScript External Object Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code in applications using the JScript scripting language on vulnerable installations of Microsoft Windows. Microsoft Internet Explorer is an affected application. User interaction is required to exploit this vulnerability in that th...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6143)
A use after free vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error in manipulating CAttrArray objects. Successful exploitation could cause memory corruption in a way that would allow attackers to execute code on the target...
groovy: remote execution of untrusted code in class MethodClosure
A flaw was discovered in the way applications using Groovy used the standard Java serialization mechanism. A remote attacker could use a specially crafted serialized object that would execute code directly when deserialized. All applications which rely on serialization and do not isolate the code...
Oracle Linux 7 : kernel (ELSA-2015-2152)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2152 advisory. - kernel Initialize msg/shm IPC objects before doing ipcaddid Lennert Buytenhek 1271507 CVE-2015-7613 - fs vfs: Test for and handle paths that are...
DLA-352-1 libcommons-collections3-java - security update
Bulletin has no description...
Immunity Canvas: JENKINS_CLI_DESERIALIZATION
Name| jenkinsclideserialization ---|--- CVE| CVE-2015-8103 Exploit Pack| CANVAS Description| jenkinsclideserialization Notes| CVE Name: CVE-2015-8103 VENDOR: Jenkins NOTES: IMPORTANT NOTE: Any instance of this application running Apache Commons Collections version prior to 3.0 WILL NOT WORK...
kernel: Unauthorized access to IPC objects with SysV shm
A race condition flaw was found in the way the Linux kernel's IPC subsystem initialized certain fields in an IPC object structure that were later used for permission checking before inserting the object into a globally visible list. A local, unprivileged user could potentially use this flaw to...
Low: Red Hat Security Advisory: rest security update
Updated rest packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from the CV...
Oracle WebLogic Server Remote Code Execution Vulnerability
Oracle WebLogic Server is an Oracle application server for cloud and legacy environments that provides a modern lightweight development platform that supports the entire lifecycle management of applications from development to production and simplifies application deployment and management.WLS...
Microsoft Office Memory Corruption Vulnerability (CNVD-2015-07511)
Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. A remote code execution vulnerability exists in Microsoft Office. As the program fails to properly handle...