13538 matches found
Magnitude Exploit Kit Redirection
Magnitude exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Magnitude exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code...
Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4177)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Ruby on Rails Remote Code Execution (CVE-2016-2098)
A remote code execution vulnerability exists in Ruby on Rails. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CGI Namespace Conflict Man-In-The-Middle (httpoxy; CVE-2016-1000109; CVE-2016-1000110; CVE-2016-5385; CVE-2016-5386; CVE-2016-5387; CVE-2016-5388)
Namespace conflict related to HTTP proxy headers allows an attacker to configure the HTTPPROXY environment variable. A successful exploitation might allow an attacker to launch a man-in-the-middle attack and redirect traffic to an arbitrary host...
Adobe Acrobat and Reader Use After Free (APSB16-14: CVE-2016-1070)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Apache Struts URLValidator Denial of Service (CVE-2016-4465)
A denial of service vulnerability exists in Apache Struts URLValidator. The vulnerability is due to insufficient validation of crafted URLs by the URLValidator. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted HTTP request to a Struts 2 application...
Tiki Wiki ELFinder Unauthenticated File Upload
An unauthenticated file upload vulnerability exists in Tiki Wiki. By uploading a malicious file to Tiki Wiki, a remote attacker can exploit this vulnerability for execution of arbitrary code in the security context of the web server...
Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4228)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...
Digium Asterisk PJSIP Channel Driver REGISTER Denial of Service
A denial of service vulnerability exists in Digium Asterisk. The vulnerability is due to errors when processing incoming REGISTER requests with lengthy Contact Header URI. A remote authenticated attacker can exploit this vulnerability to cause a denial of service condition...
Adobe Flash Player Security Bypass (APSB16-25: CVE-2016-4178)
A security bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to insufficient security restrictions while handling specially crafted SWF files. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file using...
Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4222)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...
Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4182)
A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4174)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...
Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4173)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...
Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4176)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4248)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...
Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4185)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4225)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4231)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...
Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4229)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...
Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4226)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...
Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4188)
A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4227)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...
Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4224)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
HP LoadRunner Controller Scenario File Stack Buffer Overflow (CVE-2015-5426)
A stack-based buffer overflow vulnerability exists in HP LoadRunner Controller. The vulnerability is due to insufficient boundary checks while parsing scenario files. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted ".lrs" files with the...
Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4230)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...
Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4232)
A memory leak vulnerability exists in Adobe Flash Player. The vulnerability is due to a dangling reference error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with ...
Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4223)
A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Acrobat Reader XFA FormCalc replace Integer Overflow (CVE-2016-1043)
An integer overflow vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to improper validation of the parameters for a certain function. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted document. Successful exploitation of the...
D-Link DCS-930L Authenticated Remote Command Execution
A command execution vulnerability exists in D-Link DCS-930L. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Microsoft Office Remote Code Execution (MS16-088: CVE-2016-3279)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to improper handling of objects in memory while parsing a specially crafted Office file. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted Office fil...
WordPress All In One SEO Pack Plugin Cross-site Scripting
A cross-site scripting vulnerability exists in WordPress All In One SEO Pack plugin. Successful exploitation of this vulnerability would allow a remote attacker to insert malicious code into the effected system...
Microsoft Browser Spoofing (MS16-084: CVE-2016-3276)
A spoofing vulnerability exists in Microsoft Internet Explorer and EDGE browsers. The vulnerability is due to improper parsing of HTTP content. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...
Microsoft Internet Explorer Memory Corruption (MS16-084 : CVE-2016-3259)
A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to a type confusion when handling certain objects in JavaScript. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory corruption in...
Microsoft Windows GDI Component Information Disclosure (MS16-090: CVE-2016-3251)
An Information disclosure vulnerability exists in Windows GDI component. The vulnerability is due to the way Microsoft Graphics Component improperly discloses contents of its memory. An attacker who successfully exploited the vulnerabilities could obtain information to further compromise the user...
Microsoft Office Memory Corruption (MS16-088: CVE-2016-3281)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...
Microsoft Edge Memory Corruption (MS16-085: CVE-2016-3246)
A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to a type confusion when handling certain objects in JavaScript. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory corruption in...
Microsoft Office Memory Corruption (MS16-088: CVE-2016-3283)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...
WordPress WP Live Chat Support Plugin Cross-Site Scripting
A cross-site scripting vulnerability exists in WordPress WP Live Chat Support Plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
Microsoft Internet Explorer Memory Corruption (MS16-084: CVE-2016-3242)
A memory corruption vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error while handling certain objects when processing HTML and script code. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could...
Microsoft Windows Win32k Elevation of Privilege (MS16-090: CVE-2016-3250)
An elevation of privilege vulnerability exists in Microsoft Windows Win32k. A remote attacker can bypass a security check in win32k to load a custom font from an arbitrary file on disk. Successful exploitation could allow an attacker to run arbitrary code with elevated privileges...
Microsoft Windows Win32k Elevation of Privilege (MS16-090: CVE-2016-3254)
An elevation of privilege vulnerability exists in Microsoft Windows Win32k. A remote attacker can bypass a security check in win32k to load a custom font from an arbitrary file on disk. A successful exploitation could allow an attacker to run arbitrary code with elevated privileges...
Microsoft Office Memory Corruption (MS16-088: CVE-2016-3282)
A memory corruption vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...
Nagios XI SQL Injection (CVE-2018-8734)
An SQL injection vulnerability exists in Nagios XI. It allows an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data...
Microsoft Edge Security Feature Bypass (MS16-085: CVE-2016-3244)
A security feature bypass exists in Microsoft Edge. The vulnerability is due to an error in the way Microsoft Edge implements Address Space Layout Randomization ASLR. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of...
Microsoft Internet Explorer Memory Corruption (MS16-084: CVE-2016-3240)
A memory corruption vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error while handling certain objects when processing HTML and script code. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could...
Tiki-Wiki CMS Calendar Remote Command Execution
A remote command injection vulnerability exists in Tiki-Wiki CMS's calendar module. By exploiting this vulnerability, a remote attacker can execute arbitrary code on the affected server...
Microsoft Internet Explorer Information Disclosure (MS16-084 : CVE-2016-3277)
An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Microsoft Internet Explorer while handling unsafe command line parameters. A remote attacker can exploit this issue by enticing a user to open a specially crafted...
Microsoft Browser Spoofing (MS16-084: CVE-2016-3274)
A spoofing vulnerability exists in Microsoft Internet Explorer and EDGE browsers. The vulnerability is due to improper parsing of HTTP content. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...
Microsoft Edge Memory Corruption (MS16-085: CVE-2016-3264)
A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to an error in the way Microsoft Edge accesses objects in memory. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory corruption i...