6682 matches found
Memory corruption
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3010
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3010
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitation could lead to arbitrary code execution...
[SECURITY] Fedora 25 Update: webkitgtk4-2.16.0-1.fc25
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...
[SECURITY] Fedora 24 Update: webkitgtk4-2.16.0-1.fc24
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...
Microsoft Outlook - HTML Email Denial of Service Exploit
Exploit for windows platform in category dos / poc Source: https://justhaifei1.blogspot.ca/2017/03/an-interesting-outlook-bug.html When you send this email to someone, when he/she just read the email, Outlook will crash. MSRC told me that they think it's a non-exploitable bug and it seems that th...
Microsoft Outlook - HTML Email Denial of Service
Microsoft Outlook - HTML Email Denial of Service Source: https://justhaifei1.blogspot.ca/2017/03/an-interesting-outlook-bug.html When you send this email to someone, when he/she just read the email, Outlook will crash. MSRC told me that they think it's a non-exploitable bug and it seems that they...
Rockstar Games: Profile bio at rockstar is accepting control characters
This report involved the injection of control characters, such as Null Byte 0x00, into the profile Bio field in order to cause unexpected, harmful behaviors. Our solution was to both block control characters from being saved on the backend when included in user-input, as well as to suppress the...
openSUSE Security Update : Chromium (openSUSE-2017-353)
Chromium was updated to 57.0.2987.98 to fix security issues and bugs. The following vulnerabilities were fixed bsc1028848 : - CVE-2017-5030: Memory corruption in V8 - CVE-2017-5031: Use after free in ANGLE - CVE-2017-5032: Out of bounds write in PDFium - CVE-2017-5029: Integer overflow in libxslt...
Microsoft Internet Explorer Elevation of Privilege Vulnerability (CVE-2017-0154)
Original link: a Broken Browser Original author: Manuel Caballero Translation: Holic know Chong Yu 404 security lab Today we know from Internet Explorer since the birth there has been function. This feature allows the Web Developer instance of the external object, and therefore be the attacker to...
Security update for Chromium (important)
Chromium was updated to 57.0.2987.98 to fix security issues and bugs. The following vulnerabilities were fixed bsc1028848: - CVE-2017-5030: Memory corruption in V8 - CVE-2017-5031: Use after free in ANGLE - CVE-2017-5032: Out of bounds write in PDFium - CVE-2017-5029: Integer overflow in libxslt ...
Security update for Chromium (important)
Chromium was updated to 57.0.2987.98 to fix security issues and bugs. The following vulnerabilities were fixed bsc1028848: - CVE-2017-5030: Memory corruption in V8 - CVE-2017-5031: Use after free in ANGLE - CVE-2017-5032: Out of bounds write in PDFium - CVE-2017-5029: Integer overflow in libxslt ...
OPENSUSE-SU-2017:0738-1 Security update for Chromium
Chromium was updated to 57.0.2987.98 to fix security issues and bugs. The following vulnerabilities were fixed bsc1028848: - CVE-2017-5030: Memory corruption in V8 - CVE-2017-5031: Use after free in ANGLE - CVE-2017-5032: Out of bounds write in PDFium - CVE-2017-5029: Integer overflow in libxslt ...
March 14, 2017—KB4013198 (OS Build 10586.839)
March 14, 2017—KB4013198 OS Build 10586.839 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed a known issue with KB3192441 that was rendering DFS-N mapped network drives inaccessib...
March 14, 2017—KB4013429 (OS Build 14393.953)
March 14, 2017—KB4013429 OS Build 14393.953 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed known issue called out in KB3213986. Users may experience delays while running 3D...
March 14, 2017—KB4012606 (OS Build 10240.17319)
March 14, 2017—KB4012606 OS Build 10240.17319 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed a known issue with KB3192440 that was rendering DFS-N mapped network drives...
Microsoft Edge Scripting Engine Memory Corruption (MS17-007: CVE-2017-0067)
A Memory Corruption Vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engine renders when handling objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted file...
[SECURITY] Fedora 24 Update: freetype-2.6.3-3.fc24
The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...
[SECURITY] Fedora 25 Update: freetype-2.6.5-3.fc25
The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...
Cross-site Scripting (XSS)
epiceditor is vulnerable to cross-site scripting XSS attacks. The vulnerability is possible because it does not escape the input tags when rendering a page using marked.js...