13 matches found
EUVD-2016-6976
Malware in sbrugna...
webkitgtk: memory disclosure issue was addressed with improved memory handling
A flaw was found in webkitgtk. Improper input validation leads to a memory corruption vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or perform arbitrary code execution...
CVE-2021-30953
A flaw was found in webkitgtk. The vulnerability occurs due to improper bounds checking, which can lead to an out-of-bounds read vulnerability. An attacker with network access could pass specially crafted web content files causing an application to halt, crash, or may lead to arbitrary code...
Cross site request forgery (csrf)
Versions of Foreman as shipped with Red Hat Satellite 6 does not check for a correct CSRF token in the logout action. Therefore, an attacker can log out a user by having them view specially crafted content...
CVE-2019-1081
An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, in a web-based attack...
Chakra Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge HTML-based. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...
Chakra Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge HTML-based. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...
Adobe Flash Player <= 26.0.0.137 Multiple Vulnerabilities (APSB17-23)
The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 26.0.0.137. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists due to an unspecified flaw. An unauthenticated, remote attacker can exploit thi...
Microsoft Edge Memory Corruption Vulnerability
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the...
MS17-009: Security update for Microsoft Windows PDF Library: March 14, 2017
Resolves a vulnerability in Windows that could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document.SummaryThis security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution ...
Windows PDF Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the...
MS15-123: Security update for Skype for Business and Lync to address information disclosure: November 10, 2015
Resolves a vulnerability in Skype for Business and Microsoft Lync. The vulnerability could allow information disclosure if an attacker invites a user to an instant message session and then sends that user a message that contains specially crafted JavaScript content.SummaryThis security update...
MS14-059: Vulnerability in ASP.NET MVC could allow security feature bypass: October 14, 2014
Describes a security update that resolves a vulnerability in ASP.NET MVC that could allow security feature bypass if an attacker convinces a user to click a specially crafted link or to go to a webpage that contains specially crafted content.View products that this article applies...