CVE-2019-1199

A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrativ...

CVE-2018-6360

mpv through 0.28.0 allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements, and accepts arbitrary URLs in a src attribute without a protocol whitelist in player/lua/ytdlhook.lua. For example, an av://lavfi:ladspa=file= UR...

CVE-2016-7274

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Window...

UBUNTU-CVE-2015-6582

The decompose function in platform/transforms/TransformationMatrix.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not verify that a matrix inversion succeeded, which allows remote attackers to cause a denial of service uninitialized memory access and application crash or possibl...

DD-WRT Information Disclosure Vulnerability

Exploit for hardware platform in category remote exploits Author: Craig Heffner, /dev/ttyS0 Software Link: http://www.dd-wrt.com Version: v24-preSP2 Tested on: builds 14311, 14896 Remote attackers can gain sensitive information about a DD-WRT router and internal clients, including IP addresses, M...

The Nine-Ball Exploit Exposed

In this video, researcher Andrew Martin walks through an attack on a Web site involving the Nine-Ball exploit, which has been used to compromise tens of thousands of legitimate Web sites in the last few months...