CVE-2016-5634

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to RBR...

CVE-2016-5630

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB...

CVE-2016-5608

Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a different vulnerability than CVE-2016-5613...

CVE-2016-5599

Unspecified vulnerability in the Oracle Advanced Supply Chain Planning component in Oracle Supply Chain Products Suite 12.2.3 through 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to MscObieeSrvlt...

CVE-2016-8283

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types...

CVE-2016-3495

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB...

CVE-2016-5625

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Packaging...

CVE-2016-5630

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB...

SPIP 3.1.2 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications SPIP 3.1.2 Reflected Cross-Site Scripting CVE-2016-7981 Product Description SPIP is a publishing system for the Internet, which put importance on collaborative working, multilingual environments and ease of use. It is free software, distribute...

SPIP 3.1.2 Cross Site Request Forgery

SPIP 3.1.2 Exec Code Cross-Site Request Forgery CVE-2016-7980 Product Description SPIP is a publishing system for the Internet, which put importance on collaborative working, multilingual environments and ease of use. It is free software, distributed under the GNU/GPL licence. Vulnerability...

Google Chrome Scheme Bypass Vulnerability

Google Chrome is a popular web browser. Google Chrome vulnerability has a security flaw. An attacker can exploit the vulnerability to bypass security restrictions...

GDI+ Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data...

Microsoft Video Control Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Microsoft Video Control fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user...

UBUNTU-CVE-2016-7777

Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it...

Revive Adserver: Stored XSS on Admin Access Page - Email field

"Cricetinae" : Short Description The Email field is not sanitized on Inventory Admin Access page resulting in to Stored Cross-Site Scripting vulnerability. Vulnerability Details Cross-Site Scripting issue let's one to run a javascript of choice. It helps most of the client side risks including bu...

Debian DLA-621-1 : autotrace security update

Autotrace is a program for converting bitmaps to vector graphics. It had a bug that caused an out-of-bounds write. This was caused by not allocating sufficient memory to store the terminating NULL pointer in an array. For Debian 7 'Wheezy', this problem have been fixed in version 0.31.1-16+deb7u1...

Attack Leverages Windows Safe Mode

Researchers warn the Windows diagnostic feature Safe Mode can be used as a remote attack vector by hackers who already have access to a compromised PC or server. The method of attack is unusual, researchers said, and places attention on the diagnostic tool used to fix PC problems and remove...

[SECURITY] [DLA 621-1] autotrace security update

Package : autotrace Version : 0.31.1-16+deb7u1 CVE ID : CVE-2016-7392 Autotrace is a program for converting bitmaps to vector graphics. It had a bug that caused an out-of-bounds write. This was caused by not allocating sufficient memory to store the terminating NULL pointer in an array. For Debia...

DLA-621-1 autotrace - security update

Bulletin has no description...

HTTPD: sets environmental variable based on user supplied Proxy request header

It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTPPROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could...