Moxa SoftCMS IPCam.IPCam_Video_Render_Plugin.1 IVLCControl setStreamRecordData Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa SoftCMS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

check-mk: multiple flaws fixed in versions 1.2.4p4 and 1.2.5i4

Multiple cross-site scripting XSS vulnerabilities in the multisite component in CheckMK before 1.2.4p4 and 1.2.5 before 1.2.5i4 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors to the 1 renderstatusicons function in htmllib.py or 2 ajaxaction functio...

Adobe Reader RenderEventHandler Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Drupal Render Cache System Information Disclosure Vulnerability

Drupal is an open source content management framework CMF written in the PHP language, which consists of a content management system CMS and PHP development framework Framework together. An information disclosure full vulnerability exists in the Render caching system in versions 7.x prior to Drup...

CVE-2015-3231

The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed by user 1 by reading the cache...

CVE-2015-3231

The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed by user 1 by reading the cache...

Default configuration

The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed by user 1 by reading the cache...

UBUNTU-CVE-2015-3231

The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed by user 1 by reading the cache...

CVE-2015-3231

Removed by vendor...

CVE-2015-3231

The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed by user 1 by reading the cache...

FreeBSD : drupal -- multiple vulnerabilities (d605edb1-1616-11e5-a000-d050996490d0)

Drupal development team reports : Impersonation OpenID module - Drupal 6 and 7 - Critical A vulnerability was found in the OpenID module that allows a malicious user to log in as other users on the site, including administrators, and hijack their accounts. This vulnerability is mitigated by the...

Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2015-002

Impersonation OpenID module - Drupal 6 and 7 - Critical A vulnerability was found in the OpenID module that allows a malicious user to log in as other users on the site, including administrators, and hijack their accounts. This vulnerability is mitigated by the fact that the victim must have an...

USN-2582-1: Oxide vulnerabilities

A use-after-free was discovered in the DOM implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render...

EMC NetWorke 'nsr_render_log' Buffer Overflow Vulnerability

EMC NetWorker is a suite of unified backup and recovery software from EMC. The software provides backup and recovery, deduplication elimination, backup reporting, and more. A buffer overflow vulnerability exists in the nsrrenderlog command line interface tool of EMC NetWorker. The program uses...

CVE-2015-1237

Removed by vendor...

UBUNTU-CVE-2015-1237

Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/renderframeimpl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger renderer IPC messages...

Google Chrome < 41.0.2272.76 Multiple Vulnerabilities

Binary data 8684.pasl...

Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2495-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2495-1 advisory. A use-after-free bug was discovered in the DOM implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker cou...

Ruby on Rails: Explicit, dynamic render path: Dir. Trav + RCE

Possible Information Leak Vulnerability in Action View There is a possible directory traversal and information leak vulnerability in Action View. This vulnerability has been assigned the CVE identifier CVE-2016-0752. Versions Affected: All. Not affected: None. Fixed Versions: 5.0.0.beta1.1,...

chromium-browser: out-of-bounds read in Fonts

The RenderTable::simplifiedNormalFlowLayout function in core/rendering/RenderTable.cpp in Blink, as used in Google Chrome before 40.0.2214.91, skips captions during table layout in certain situations, which allows remote attackers to cause a denial of service out-of-bounds read via unspecified...