13538 matches found
PHP 7 Unserialization Hash Table Resize Use After Free
A Use After Free vulnerability exists in PHP 7. A remote attacker can exploit this vulnerability by sending specially crafted input to the unserialize function...
PHP 7 Unserialization Exception Infinite Loop Denial of Service (CVE-2016-7478)
A Denial of Service vulnerability exists in PHP 7. A remote attacker can exploit this vulnerability by sending specially crafted input to the unserialize function...
Adobe Acrobat and Reader Memory Corruption (APSB16-33: CVE-2016-6956)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing unintended memory in a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Reader Memory Corruption (APSB16-33: CVE-2016-6943)
A memory corruption vulnerability has been reported in Adobe Reader. The vulnerability is due to improper input validation. A remote attacker could trigger this issue via a specially crafted PDF file...
Adobe Flash Player Memory Corruption (APSB16-32: CVE-2016-6985)
A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Squash YAML Code Execution (CVE-2013-5036)
A remote code execution vulnerability exists in Squash. The vulnerability is due to insufficient sanitization of user-supplied input while processing certain language expressions. An attacker could exploit this vulnerability by sending a crafted request to the affected software...
Adobe Acrobat and Reader Use-After-Free Code Execution (APSB16-33: CVE-2016-6944)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Reader and Acrobat Memory Corruption (APSB16-33: CVE-2016-6959; CVE-2016-6966; CVE-2016-6978)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error while loading a PDF containing a malicious JavaScript code. A remote attacker may exploit this issue by enticing a target user to open a malicious PDF file with an affected version of Adobe...
Adobe Flash Player Use After Free Code Execution (APSB16-32: CVE-2016-6981)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...
Adobe Acrobat and Reader Memory Corruption (APSB16-33: CVE-2016-6947)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing to unintended memory in a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF fi...
Adobe Acrobat and Reader Memory Corruption (APSB16-33: CVE-2016-6942)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing to unintended memory in a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF fi...
Adobe Reader and Acrobat Memory Corruption (APSB16-33: CVE-2016-6950)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...
Adobe Acrobat and Reader Security Bypass (APSB16-33: CVE-2016-6957; CVE-2016-6958)
This vulnerability is an instance of a security bypass in Adobe Reader JavaScript engine. This vulnerability could be exploited to bypass the engine security restrictions. Successful exploitation of this issue could allow an attacker to execute privileged JavaScript functions...
Adobe Acrobat and Reader Memory Corruption (APSB16-33: CVE-2016-6948)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing to unintended memory in a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF fi...
Adobe Acrobat and Reader Heap Overflow (APSB16-33: CVE-2016-6939)
A heap overflow vulnerability exists in Adobe Reader. The vulnerability is due to improper input validation. A remote attacker could trigger this issue via a specially crafted PDF file...
Adobe Acrobat and Reader Use After Free Code Execution (APSB16-33: CVE-2016-6979)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Acrobat and Reader Memory Corruption (APSB16-33: CVE-2016-6955)
A memory corruption vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Acrobat and Reader while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Acrobat and Reader Memory Corruption (APSB16-33: CVE-2016-6940)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...
Adobe Acrobat and Reader Use After Free (APSB16-33: CVE-2016-1089)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Flash Player Memory Corruption (APSB16-32: CVE-2016-6982)
A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Flash Player Memory Corruption (APSB16-32: CVE-2016-6984)
A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Flash Player Memory Corruption (APSB16-32: CVE-2016-6986)
A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Acrobat and Reader Memory Corruption (APSB16-33: CVE-2016-6941)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing to unintended memory in a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF fi...
Adobe Acrobat and Reader Use-After-Free Code Execution (APSB16-33: CVE-2016-6952)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Acrobat and Reader Use After Free (APSB16-33: CVE-2016-6953)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Acrobat And Reader Memory Corruption (APSB16-33: CVE-2016-6951)
A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Acrobat and Reader Use-After-Free Code Execution (APSB16-33: CVE-2016-6949)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Acrobat and Reader Memory Corruption (APSB16-33: CVE-2016-6972; CVE-2016-6973)
A memory corruption vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Acrobat and Reader while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Flash Player Memory Corruption (APSB16-32: CVE-2016-6983)
A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Reader Memory Corruption (APSB16-33: CVE-2016-6974; CVE-2016-6975; CVE-2016-6976; CVE-2016-6977)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Acrobat and Reader Use After Free Code Execution (APSB16-33: CVE-2016-6945)
A remote code execution vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to a use-after-free error in Adobe Reader and Acrobat while handling a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a...
Adobe Acrobat and Reader Use After Free (APSB16-33: CVE-2016-6946)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file, potentially leading to...
Adobe Acrobat and Reader Use-After-Free Code Execution (APSB16-33: CVE-2016-6961; CVE-2016-6962; CVE-2016-6963; CVE-2016-6964)
A remote code execution vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to a use-after-free error in Adobe Acrobat and Reader while handling a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially...
Microsoft Internet Explorer Information Disclosure (MS16-118: CVE-2016-3267)
An information disclosure vulnerability exists in Internet Explorer and Microsoft Edge. The vulnerability is due to the way Internet Explorer and Edge do not properly handle objects in memory. A remote attacker could exploit this vulnerability by enticing the target user to open a specially craft...
Microsoft Windows Diagnostics Hub Elevation of Privilege (MS16-125: CVE-2016-7188)
An elevation of privilege vulnerability exists in Microsoft Windows within the Diagnostics Hub component. The vulnerability is caused when inputs are not properly sanitized by the Windows Diagnostics Hub Standard Collector Service . A successful exploitation could allow an attacker to run arbitra...
Microsoft Internet Explorer Memory Corruption (MS16-118: CVE-2016-3385)
A remote code execution vulnerability exists in Internet Explorer and Microsoft Edge. The vulnerability is due to the way scripting engine renders when handling objects in memory. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected...
Microsoft Windows GDI+ Information Disclosure (MS16-120: CVE-2016-3263)
An information disclosure vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way the True Type Font TTF driver handles objects in memory. A remote attacker could exploit this vulnerability by enticing a target user to open a specially crafted EMF fil...
Microsoft Office Memory Corruption (MS16-121: CVE-2016-7193)
A buffer overflow vulnerability exists in the Word's RTF parser. The vulnerability is due to invalid parsing of RTF files. By enticing the user to open a specially crafted RTF file, an attacker could exploit this vulnerability to execute arbitrary code on the affected system...
Microsoft Edge Memory Corruption (MS16-119: CVE-2016-3386)
A memory corruption vulnerability exists in Microsoft Edge. The vulnerability is due to the way Chakra JavaScript engine renders when handling objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...
Microsoft Windows GDI+ Information Disclosure (MS16-120: CVE-2016-3262)
An information disclosure vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way the True Type Font TTF driver handles objects in memory. A remote attacker could exploit this vulnerability by enticing a target user to open a specially crafted EMF fil...
Microsoft Windows Kernel Local Elevation of Privilege (MS16-124: CVE-2016-0075)
An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to the way Windows kernel API improperly allows a user to access sensitive registry information. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted executable...
Adobe Reader and Acrobat Memory Corruption (APSB16-33: CVE-2016-6960)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error while loading a PDF containing a malicious JavaScript code. A remote attacker may exploit this issue by enticing a target user to open a malicious PDF file with an affected version of Adobe...
Microsoft Scripting Engine Information Disclosure (MS16-119: CVE-2016-7189)
An information disclosure vulnerability exists in Microsoft Edge. This vulnerability is due to improper handling of objects in memory. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...
Microsoft Windows Win32k Elevation of Privilege (MS16-120: CVE-2016-3270)
An elevation of privilege vulnerability exists in Microsoft Windows Win32k. The vulnerability is caused when Microsoft Windows improperly deals with one of its kernel components. A successful exploitation could allow an attacker to run arbitrary code with elevated privileges...
Microsoft Internet Explorer Memory Corruption (MS16-118: CVE-2016-3383)
A remote code execution vulnerability exists in Internet Explorer. The vulnerability is due to the way Internet Explorer accesses objects in memory. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted website...
Microsoft Win32k Elevation of Privilege (MS16-123: CVE-2016-7211)
An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is caused when the Windows kernel-mode driver fails to properly handle objects in memory. A remote attacker could exploit this vulnerability by running a specially crafted application...
Microsoft Windows Transaction Manager Elevation of Privilege (MS16-123: CVE-2016-3341)
An elevation of privilege vulnerability has been reported in Microsoft Windows Kernel Transaction Manager. The vulnerability is due to an malformed blf file, which could be abused by attackers to gain local privilege escalation. The attacker must entice the victim to run an executable file to...
Microsoft Browser Elevation of Privilege (MS16-118: CVE-2016-3387)
An Elevation of Privileges vulnerability exists in Internet Explorer and Edge. The vulnerability is due to a failure in properly securing a private namespace. A remote attacker could exploit this vulnerability by enticing a user to run a specially crafted executable...
Microsoft Internet Explorer Memory Corruption (MS16-118: CVE-2016-3382)
A remote code execution vulnerability exists in Internet Explorer and Microsoft Edge. The vulnerability is due to the way scripting engine renders when handling objects in memory. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected...
Microsoft Windows Win32k Elevation of Privilege (MS16-123: CVE-2016-7185)
An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is caused when the Windows kernel-mode driver fails to properly handle objects in memory. A remote attacker could exploit this vulnerability by running a specially crafted application...