Microsoft Windows win32k RGNOBJ Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within RGNOBJ objects...

Microsoft Windows Win32k Elevation of Privilege (MS16-098: CVE-2016-3309)

An elevation of privilege vulnerability exists in the Windows Kernel. The vulnerability is caused when the Windows kernel-mode driver fails to properly handle objects in memory. A remote attacker can exploit this vulnerability by running a specially crafted application...

KLA10856 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. An improper embedded...

Design/Logic Flaw

Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free operations on DTLS objects during the shutdown of a WebRTC session...

CVE-2016-5258

CVE-2016-5258 is a use-after-free vulnerability in Firefox’s WebRTC DTLS handling, specifically a memory misreference in the WebRTC socket thread during shutdown of a WebRTC session. Public sources consistently describe it as allowing remote code execution due to incorrect free operations on DTLS...

PHP7 Unserialization Use After Free

A Use-After-Free vulnerability exists in the Standard PHP library's unserializion of array objects, due to an internal array self-reference. An attacker could exploit this vulnerability by supplying crafted input to a PHP application. Successful exploitation may result in remote execution of...

PT-2016-6790 · Perl +2 · Xloader +2

Name of the Vulnerable Software and Affected Versions: Perl affected versions not specified Description: The XSLoader::load method in XSLoader does not properly locate .so files when called in a string eval. This might allow local users to execute arbitrary code via a Trojan horse library under t...

ALPINE-CVE-2016-5129

Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via crafted JavaScript code...

UBUNTU-CVE-2016-5129

Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via crafted JavaScript code...

OWASP Mth3l3m3nt Framework - Penetration Testing Aiding Tool And Exploitation Framework

OWASP Mth3l3m3nt Framework is a penetration testing aiding tool and exploitation framework. It fosters a principle of attack the web using the web as well as pentest on the go through its responsive interface. Modules Packed in so far are: Payload Store Shell Generator PHP/ASP/JSP/JSPX/CFM Payloa...

Oracle Java Uninitialized Object Generation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way the runtime...

Harvest: Stored XSS on invoice, executing on any subdomain

Summary ----------- There is a stored XSS vulnerability, which can execute on any subdomain as the vulnerability lies in an invoice. You are filtering HTML and js, but you neglect to filter out Flash objects, which can execute javascript. Steps to reproduce ------------- 1. Create an invoice and...

Multiple PHP object injection vulnerabilities in SugarCRM

SugarCRM is an open source Customer Relationship Management CRM system from SugarCRM USA. The system supports differentiated marketing, management and distribution of sales leads for different customer needs, and enables information sharing and tracking of sales representatives. Multiple PHP obje...

Debian DLA-552-1 : binutils security update

Some minor security issues have been identified and fixed in binutils in Debian LTS. These are : CVE-2016-2226 Exploitable buffer overflow. CVE-2016-4487 Invalid write due to a use-after-free to array btypevec. CVE-2016-4488 Invalid write due to a use-after-free to array ktypevec. CVE-2016-4489...

The vulnerability of the SolarWinds Virtualization Manager software allows a hacker to execute arbitrary commands.

The vulnerability of the RMI component of the SolarWinds Virtualization Manager relates to the restoration of unreliable data in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely, using a specially crafted serialized Java object...

DLA-552-1 binutils - security update

Bulletin has no description...

[SECURITY] Fedora 23 Update: python3-3.4.3-11.fc23

Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especi ally how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been remov...

Microsoft Office Compatibility Pack Multiple RCE Vulnerabilities (3170008)

This host is missing an important security update according to Microsoft Bulletin MS16-088. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

SolarWinds Virtualization Manager Java Object Deserialization RCE

The remote SolarWinds Virtualization Manager server is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections ACC library. An unauthenticated, remote attacker can exploit this, by sending a specially...

MSRT July 2016 – Cerber ransomware

As part of our ongoing effort to provide better malware protection, the July 2016 release of the Microsoft Malicious Software Removal Tool MSRT includes detection for Win32/Cerber, a prevalent ransomware family. The inclusion in MSRT complements our Cerber-specific family detections in Windows...