Lucene search
+L

866 matches found

checkpoint_advisories
checkpoint_advisories
added 2017/04/23 12:0 a.m.4 views

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3038)

A memory corruption vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to improper parsing of True Type font TTF format stream data resulting in out of bounds memory access. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted...

9.3CVSS8.5AI score0.03983EPSS
Exploits0
cnvd
cnvd
added 2017/02/15 12:0 a.m.5 views

Linux kernel security bypass vulnerability (CNVD-2017-01860)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the time subsystem of Linux kernel 4.9.9 and earlier versions. A local attacker can exploit this vulnerability by reading the /proc/timerlis...

4CVSS8AI score0.00334EPSS
Exploits0References1
hackapp
hackapp
added 2017/01/12 1:37 p.m.13 views

Acronis True Image: Backup App - Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Acronis True Image: Backup App published at the 'play' market has multiple vulnerabilities...

0.3AI score
Exploits0References1Affected Software1
osv
osv
added 2016/12/29 9:59 a.m.5 views

CVE-2016-7083

VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service host OS memory corruption via TrueType fonts embedd...

7.8CVSS6.1AI score0.01496EPSS
Exploits1References4
hackapp
hackapp
added 2016/12/20 8:11 a.m.16 views

True Free Balance - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application True Free Balance published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
redhat
redhat
added 2016/11/15 11:40 a.m.5 views

gd: Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow

An integer overflow flaw, leading to a heap-based buffer overflow was found in the gdImagePaletteToTrueColor function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application usin...

8.8CVSS7.8AI score0.0666EPSS
Exploits0References4
osv
osv
added 2016/11/14 12:0 a.m.16 views

DLA-706-1 python-django - security update

Bulletin has no description...

8.1CVSS8.8AI score0.06074EPSS
Exploits0
mageia
mageia
added 2016/11/06 10:34 a.m.45 views

Updated python-django packages fix security vulnerabilities

User with hardcoded password created when running tests on Oracle When running tests with an Oracle database, Django creates a temporary database user. In older versions, if a password isn't manually specified in the database settings TEST dictionary, a hardcoded password is used. This could allo...

9.8CVSS3.2AI score0.06074EPSS
Exploits0References3
exploitpack
exploitpack
added 2016/10/21 12:0 a.m.17 views

Linux Kernel 2.6.22 3.9 (x86x64) - Dirty COW procselfmem Race Condition Privilege Escalation (SUID Method)

Linux Kernel 2.6.22 3.9 x86x64 - Dirty COW procselfmem Race Condition Privilege Escalation SUID Method / EDB-Note: After getting a shell, doing "echo 0 /proc/sys/vm/dirtywritebackcentisecs" may make the system more stable. uncomment correct payload first x86 or x64! $ gcc cowroot.c -o cowroot...

0.7AI score
Exploits0
nvd
nvd
added 2016/10/14 2:59 a.m.12 views

CVE-2016-7182

The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010...

10CVSS9.5AI score0.30323EPSS
Exploits0References3
osv
osv
added 2016/10/14 2:59 a.m.2 views

CVE-2016-7182

The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010...

9.8CVSS6AI score0.30323EPSS
Exploits0References3
osv
osv
added 2016/10/14 2:59 a.m.2 views

CVE-2016-3209

Graphics Device Interface aka GDI or GDI+ in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync...

5.5CVSS5.8AI score0.53653EPSS
Exploits0References3
prion
prion
added 2016/10/14 2:59 a.m.15 views

Privilege escalation

The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010...

10CVSS7.8AI score0.30323EPSS
Exploits0References3Affected Software9
cve
cve
added 2016/10/14 1:0 a.m.222 views

CVE-2016-7182

CVE-2016-7182 is a true‑type font parsing elevation of privilege vulnerability in the Windows Graphics component. The flaw affects multiple Windows OS versions (Vista SP2, Server 2008 SP2/R2 SP1, Windows 7/8.1/10, Windows Server 2012 R2, Windows RT 8.1, Office 2007/2010, Word Viewer, Skype for Bu...

10CVSS8.7AI score0.30323EPSS
Exploits0References3Affected Software12
cvelist
cvelist
added 2016/10/14 1:0 a.m.28 views

CVE-2016-3209

Graphics Device Interface aka GDI or GDI+ in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync...

6.2AI score0.53653EPSS
Exploits0References3
cvelist
cvelist
added 2016/10/14 1:0 a.m.35 views

CVE-2016-7182

The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010...

8.7AI score0.30323EPSS
Exploits0References3
openvas
openvas
added 2016/10/12 12:0 a.m.53 views

Microsoft Office Multiple Remote Code Execution Vulnerabilities (3192884)

This host is missing a critical security update according to Microsoft Bulletin MS16-120. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS6.4AI score0.53653EPSS
Exploits0References8
openvas
openvas
added 2016/10/12 12:0 a.m.42 views

Microsoft Silverlight Information Disclosure Vulnerability (3192884) - Mac OS X

This host is missing a critical security update according to Microsoft Bulletin MS16-120. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.5CVSS7AI score0.53653EPSS
Exploits0References3
openvas
openvas
added 2016/10/12 12:0 a.m.52 views

Microsoft Office Word Viewer Remote Code Execution Vulnerabilities (3192884)

This host is missing a critical security update according to Microsoft Bulletin MS16-120. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS6.4AI score0.53653EPSS
Exploits0References7
openvas
openvas
added 2016/10/12 12:0 a.m.82 views

Microsoft Silverlight Information Disclosure Vulnerability (3192884)

This host is missing a critical security update according to Microsoft Bulletin MS16-120. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.5CVSS7AI score0.53653EPSS
Exploits0References3
Rows per page
Query Builder