13538 matches found
Trend Micro SafeSync for Enterprise storage.pm discovery_iscsi_device Command Injection
A command injection vulnerability exists in Trend Micro's SafeSync for Enterprise storage pm page. The vulnerability is due to insufficient validation of the user-supplied parameters defining an iSCSI device to be discovered. A remote, authenticated attacker could exploit this vulnerability by...
URSoft W32Dasm Disassembler Function Buffer Overflow (CVE-2005-0308)
A buffer overflow exists in URSoft W32Dasm. The vulnerability is due to improper bounds checking by the Disassembler process. A remote unauthenticated attacker could exploit this vulnerability by sending crafted .exe file. Successful exploitation can result in arbitrary code execution within the...
Adobe Acrobat and Reader Integer Overflow (APSB17-11: CVE-2017-3034)
An integer overflow vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to a parsing error in XML Forms Architecture XFA engine in Adobe Reader and Acrobat. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
OpenSSH kex_input_kexinit Denial of Service (CVE-2016-8858)
A denial of service vulnerability has been reported in OpenSSH. The vulnerability is due to improper implementation of the kexinputkexinit function in the kex module allowing the function to be repeated after receipt of a message. A remote attacker could exploit this vulnerability by sending...
Adobe Flash Player Memory Corruption (APSB17-10: CVE-2017-3061)
A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Flash Player Memory Corruption (APSB17-10: CVE-2017-3060)
A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3038)
A memory corruption vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to improper parsing of True Type font TTF format stream data resulting in out of bounds memory access. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted...
VIPA Controls WinPLC7 recv Stack-based Buffer Overflow (CVE-2017-5177)
A stack-based buffer overflow exists in VIPA Controls WinPLC7. The vulnerability is due to improper validation of a length field within received TCP packet data before copying the contents to a stack-based buffer. A remote attacker could exploit this vulnerability by sending maliciously crafted...
Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3033)
An information disclosure vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...
Trend Micro SafeSync for Enterprise restartService Command Injection
A command injection vulnerability exists in Trend Micro's SafeSync for Enterprise. The vulnerability is due to insufficient validation of the user-supplied parameter sent to restartService end point. A remote, authenticated attacker could exploit this vulnerability by sending a crafted input to t...
Trend Micro SafeSync for Enterprise storage.pm device_id role Command Injection
A command injection vulnerability exists in Trend Micro's SafeSync for Enterprise storage.pm page. The vulnerability is due to insufficient validation of the user-supplied role and deviceid parameters. A remote, authenticated attacker could exploit this vulnerability by sending a crafted input to...
Adobe Acrobat and Reader Use After Free (APSB17-11: CVE-2017-3027)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3029)
An information disclosure vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3030)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...
Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3032)
An Information Disclosure exists in JPEG 2000 code-stream parser in Adobe Acrobat and Reader. This vulnerability is due to improper handling of objects in memory. Attackers can exploit the vulnerability by using the out of bounds access for information leak attacks...
Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3031)
An information disclosure vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing unintended memory in a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF...
Microsoft Windows Uniscribe Information Disclosure (MS17-011: CVE-2017-0085)
An information disclosure vulnerability exists in Microsoft Windows. The vulnerability is due to the way Windows Uniscribe handles objects in the memory. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted ttf file...
Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3028)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing to unintended memory in a specially crafted TIFF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted TIFF...
Adobe Acrobat and Reader Use After Free (APSB17-11: CVE-2017-3026)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3021)
An information disclosure vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing unintended memory in a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF...
Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3024)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in the way Adobe Reader and Acrobat handles objects in memory. A remote attacker could trigger this issue via a specially crafted PDF file...
Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3023)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...
Adobe Acrobat And Reader Memory Corruption (APSB17-11: CVE-2017-3025)
A memory corruption vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Acrobat and Reader Heap Overflow (APSB17-11: CVE-2017-3055)
A code execution vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to heap overflow vulnerability in the JPEG decoder routine. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3022)
An information disclosure vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing to unintended memory in a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted...
Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3017)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...
Aerospike Database Server RW Fabric Message Code Execution (CVE-2016-9053)
An out-of-bounds array indexing vulnerability has been reported in Aerospike Database Server. The vulnerability is due to improper handling of a fabric message containing a request to write a record element with malicious type value. A remote attacker could exploit this vulnerability by sending a...
Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3020)
An information disclosure vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing unintended memory in a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF...
Adobe Flash Player Use After Free Code Execution (APSB17-10: CVE-2017-3063)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...
Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3019)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3056)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error while loading a PDF containing a malicious JavaScript code. A remote attacker may exploit this issue by enticing a target user to open a malicious PDF file with an affected version of Adobe...
Adobe Acrobat and Reader Use After Free (APSB17-11: CVE-2017-3057)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Acrobat and Reader Use After Free (APSB17-11: CVE-2017-3014)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3036)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while opening a PCX file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PCX file with Adobe Reader...
Adobe Flash Player Use After Free Code Execution (APSB17-10: CVE-2017-3062)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...
Microsoft Edge Memory Corruption (CVE-2017-0205)
A memory corruption vulnerability exists in Microsoft Edge. The vulnerability is due to a type confusion when handling certain objects in memory. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...
Microsoft Internet Explorer Elevation of Privilege (CVE-2017-0210)
An elevation of privilege vulnerability exists in Internet Explorer. The vulnerability is due to Internet Explorer not properly enforcing cross-domain policies. This could allow an attacker to access information from one domain and inject it into another domain...
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2017-0158)
A Use-After-Free vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error in the way VBScript engine manipulates the assignment of dynamic-array variables. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...
Microsoft Outlook Remote Code Execution (CVE-2017-0199)
A remote code execution vulnerability exists in Microsoft Outlook. The vulnerability is due to the way that Microsoft Outlook parses specially crafted email messages. Successful exploitation of this vulnerability may result to take control of an affected system...
Microsoft Office DLL Loading (CVE-2017-0197)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is caused due to an incorrect link to a dynamic-link library file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file which will lead to arbitrary code execution...
Microsoft Windows Elevation of Privilege (CVE-2017-0165)
An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to an error in the way Microsoft Windows sanitizes handles in memory. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...
Microsoft Win32k Information Disclosure (CVE-2017-0188)
An Information Disclosure vulnerability exists in the Windows Common Log File System CLFS driver of Microsoft Windows. The vulnerability is due to the way Windows improperly handles objects in memory. An attacker could exploit this vulnerability to bypass security measures on the affected system...
Microsoft Outlook Remote Code Execution (CVE-2017-0106)
A remote code execution vulnerability exists in Microsoft Outlook. The vulnerability is due to the way Microsoft Outlook parses specially crafted email messages. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted email message...
Microsoft Internet Explorer Memory Corruption (CVE-2017-0202)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses objects in memory. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an...
Microsoft Win32k Elevation of Privilege (CVE-2017-0189)
An elevation of privilege vulnerability exists in Windows. The vulnerability occurs when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode with full user rights...
Microsoft Windows Kernel Information Disclosure (CVE-2017-0167)
An information disclosure vulnerability exists within Microsoft Windows. The vulnerability is caused when Microsoft Windows kernel improperly handles objects in memory. Successful exploitation of this issue might lead to leakage of sensitive information from the kernel...
Microsoft Windows Graphics Component Elevation of Privilege (CVE-2017-0156)
An elevation of privilege vulnerability exists in Windows Graphics Component. The vulnerability is caused when the Windows Graphics Component fails to properly handle objects in memory. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted file...
Microsoft ATMFD.dll Information Disclosure (CVE-2017-0192)
An information disclosure vulnerability exists in Adobe Type Manager Font Driver ATMFD.dll. The vulnerability is caused when the Adobe Type Manager Font Driver ATMFD.dll improperly handles objects in memory. An attacker can exploit this vulnerability by enticing a user to open a specially crafted...
Microsoft Office Memory Corruption (CVE-2017-0194)
An Out-of-Bounds-Write vulnerability exists in Microsoft Office. The vulnerability is due to a failure of Office software to properly handle objects in memory. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...
Microsoft Edge Memory Corruption (CVE-2017-0200)
A type confusion memory corruption vulnerability exists in Microsoft Edge. The vulnerability is due to an error when handling objects in memory. A remote attacker can exploit this vulnerability and execute arbitrary code in the context of the current user...