Google Chrome < 44.0.2403.155 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is prior to 44.0.2403.155. It is, therefore, affected by multiple vulnerabilities : - Multiple type confusion errors exist that allow an attacker to execute arbitrary code. CVE-2015-5554, CVE-2015-5555, CVE-2015-5558, CVE-2015-556...

WordPress WP Symposium Plugin 15.1 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin wp-symposium Unauthenticated SQL Injection Vulnerability Date: 2015-07-30 Exploit Author: PizzaHatHacker Vendor Homepage: http://www.wpsymposium.com/ Version: ? = version = 15.5.1 Tested on: Apache / WordPress...

EMC Documentum Content Server Code Execution Vulnerability

EMC Documentum Content Server suffers from an arbitrary code execution vulnerability. Product: EMC Documentum Content Server Vendor: EMC Version: ANY CVE: N/A Risk: High Status: public/not fixed For detailed description see http://seclists.org/bugtraq/2015/Jul/51 New behavior introduced in...

Three bypasses and a fix for one of Flash's Vector.<*> mitigations

Posted by Chris Evans, Cookie Monster With the release of Flash 18.0.0.209, two mitigations were introduced to combat abuse of Vector corruptions -- we covered these in a previous blog post. Flash 18.0.0.232 has just been released and it includes a change to the way one of the mitigations is...

EMC Documentum Content Server Code Execution

Product: EMC Documentum Content Server Vendor: EMC Version: ANY CVE: N/A Risk: High Status: public/not fixed For detailed description see http://seclists.org/bugtraq/2015/Jul/51 New behavior introduced in CVE-2015-4532: API ?,c,execute domethod WITH METHOD='dmbptransition', ARGUMENTS=' repo repo...

Adobe Air Multiple Vulnerabilities-01 (Aug 2015) - Mac OS X

Adobe Air is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:adobeair"; ifdescription...

CVE-2015-5125

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service vector-length corruption or possibly have unspecifie...

UBUNTU-CVE-2015-5125

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service vector-length corruption or possibly have unspecifie...

CVE-2015-5125

CVE-2015-5125 affects Adobe Flash Player (Windows/OS X) prior to 18.0.0.232 and Adobe Flash Player for Linux prior to 11.2.202.508, as well as Adobe AIR prior to 18.0.0.199 (and AIR SDK/SDK & Compiler before 18.0.0.199). Root cause is a vector-length corruption that could cause a denial of servic...

Memory Corruption Vulnerability in Multiple Adobe Products

Adobe Flash Player, Adobe AIR SDK, and Adobe AIR SDK & Compiler are products of Adobe, Incorporated.Adobe Flash Player is a multimedia player; Adobe AIR SDK and Adobe AIR SDK & Compiler are standard development kits for Adobe AIR a cross-OS runtime environment. Adobe Flash Player is a multimedia...

Adobe Flash Player <= 18.0.0.209 Multiple Vulnerabilities (APSB15-19)

The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 18.0.0.209. It is, therefore, affected by the following vulnerabilities : - Multiple type confusion errors exist that allow an attacker to execute arbitrary code. CVE-2015-5554, CVE-2015-5555,...

MS KB3087916: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer

The remote Windows host is missing KB3087916. It is, therefore, affected by multiple remote code execution vulnerabilities : - Multiple type confusion errors exist that allow an attacker to execute arbitrary code. CVE-2015-5554, CVE-2015-5555, CVE-2015-5558, CVE-2015-5562 - An unspecified...

Design/Logic Flaw

The 1 piperead and 2 pipewrite implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed copytouserinatomic and copyfromuserinatomic calls, which allows local users to cause a denial of service system crash or possibly gain privileges via a...

DEBIAN-CVE-2015-1805

The 1 piperead and 2 pipewrite implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed copytouserinatomic and copyfromuserinatomic calls, which allows local users to cause a denial of service system crash or possibly gain privileges via a...

CVE-2015-1805

The 1 piperead and 2 pipewrite implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed copytouserinatomic and copyfromuserinatomic calls, which allows local users to cause a denial of service system crash or possibly gain privileges via a...

CVE-2015-1805

The 1 piperead and 2 pipewrite implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed copytouserinatomic and copyfromuserinatomic calls, which allows local users to cause a denial of service system crash or possibly gain privileges via a...

EUVD-2015-1930

The 1 piperead and 2 pipewrite implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed copytouserinatomic and copyfromuserinatomic calls, which allows local users to cause a denial of service system crash or possibly gain privileges via a...

CVE-2015-1805

The 1 piperead and 2 pipewrite implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed copytouserinatomic and copyfromuserinatomic calls, which allows local users to cause a denial of service system crash or possibly gain privileges via a...

JDK: unspecified vulnerability fixed in 6u101, 7u85 and 8u51 (Deployment)

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment...

[SECURITY] Fedora 21 Update: libwmf-0.2.8.4-45.fc21

A library for reading and converting Windows MetaFile vector graphics WMF...