7682 matches found
D-Link DCS Series Cameras Insecure Crossdomain.xml
Exploit Title: Insecure CrossDomain.XML in D-Link DCS Series Cameras Date: 22/02/2017 Exploit Author: SlidingWindow , Twitter: @KapilKhot Vendor Homepage: http://us.dlink.com/product-category/home-solutions/view/network-cameras/ Version: Tested on DCS-933L with firmware version 1.03. Other...
The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code
The vulnerability of the Flash Player software is related to the use of memory after it is freed when hiding screen objects. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Microsoft Chakra Core Remote Code Execution Vulnerability
Chakra is a JavaScript engine developed by Microsoft for its web browsers. A security vulnerability in the way the JavaScript engine is rendered when handling in-memory objects in Microsoft Chakra Core could be exploited by remote attackers to construct malicious web pages that could be parsed by...
(Pwn2Own) Apple Safari WebGLRenderingContextBase drawElements Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...
CVE-2017-0223
A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from CVE-2017-0252...
Apple Safari RenderLayer Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
CVE-2017-0242
An information disclosure vulnerability exists in the way some ActiveX objects are instantiated, aka "Microsoft ActiveX Information Disclosure Vulnerability."...
Microsoft Windows Kernel 'Win32k.sys' local elevation of privilege vulnerability (CNVD-2017-06619)
Microsoft Windows is the popular computer operating system. A local elevation of privilege vulnerability in the Windows Kernel's handling of memory objects exists in some versions of Windows, which when successfully exploited allows an attacker to run arbitrary code in kernel mode...
Microsoft Edge Remote Code Execution Vulnerability
Microsoft Edge is the web browser built into the Windows 10 version. A remote code execution vulnerability exists in the scripting engine presentation when Microsoft Edge handles in-memory objects, where an attacker could execute arbitrary code in the current user context...
Microsoft Windows Kernel Local Elevation of Privilege Vulnerability (CNVD-2017-06616)
Microsoft Windows is the popular computer operating system. A local elevation of privilege vulnerability in the Windows Kernel's handling of memory objects exists in some versions of Windows, which when successfully exploited, could allow an attacker to execute arbitrary code and denial of servic...
Microsoft DirectX Graphics Kernel Local Elevation of Privilege Vulnerability
Microsoft Windows is the popular computer operating system. A local elevation of privilege vulnerability exists in the implementation of Microsoft Windows when memory objects are not handled correctly, which could allow a local attacker to take control of the affected system via a constructed...
Microsoft Windows Kernel Local Information Disclosure Vulnerability (CNVD-2017-06610)
Microsoft Windows is the popular computer operating system. The Windows kernel does not properly handle memory objects and is implemented with a local information disclosure vulnerability that, when successfully exploited, allows an attacker to obtain sensitive information...
Microsoft Windows 'Tcpip.sys' Information Disclosure Vulnerability (KB4018885)
This host is missing an important security update according to Microsoft KB4018885. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...
(Pwn2Own) Microsoft Chakra Array Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Microsoft ActiveX 'Msadcf.dll' Information Disclosure Vulnerability (KB4018927)
This host is missing an important security update according to Microsoft KB4018927. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...
flash-plugin: multiple code execution issues fixed in APSB17-15
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3071
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3071
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution...
UBUNTU-CVE-2017-3071
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3071
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution...