13538 matches found
Microsoft Windows Uniscribe Integer Underflow (MS15-130: CVE-2015-6130)
An integer underflow vulnerability exists in Microsoft Windows Uniscribe. The vulnerability is due to an improper alignment of table offsets leading to an integer underflow. A remote attacker can exploit this vulnerability by enticing the target to open a specially crafted ttf file. Successful...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6083)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6156)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Office Memory Corruption (MS15-131: CVE-2015-6040)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...
Microsoft Windows Library Loading Remote Code Execution (MS15-132: CVE-2015-6133)
A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to the way Windows improperly validates input before loading libraries. A remote attacker could exploit this vulnerability by enticing a target user to open a specially crafted file...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6154)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an out of bounds memory access. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affected version of Internet Explorer...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6159)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Office Memory Corruption (MS15-128: CVE-2015-6106)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6155)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6145)
A use-after-free vulnerability has been reported in Microsoft Internet Explorer which could result in remote code execution. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Internet Explorer...
Microsoft Windows Media Center Information Disclosure (MS15-134: CVE-2015-6127)
An information disclosure vulnerability has been reported in Microsoft Media Center. The vulnerability is due to an error in the way Media Center renders MCL files which redirects to the MCL file itself. A remote attacker can exploit this issue by enticing a user to open a specially crafted MCL...
Microsoft Office Memory Corruption (MS15-131: CVE-2015-6118)
A Memory corruption vulnerability exists in Microsoft Word. The vulnerability is caused when Microsoft Word does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a specially crafted Word file...
Microsoft Edge Elevation of Privilege (MS15-125: CVE-2015-6170)
An elevation of privilege vulnerability has been reported in Microsoft Edge. The vulnerability is due to an error in the way that Microsoft Edge validates permissions under specific conditions. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with a...
Microsoft Office Memory Corruption (MS15-131: CVE-2015-6122)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...
Microsoft Internet Explorer Scripting Engine Information Disclosure (MS15-124: CVE-2015-6135)
An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way VBScript engine manipulates BSTR objects. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...
Microsoft Internet Explorer Scripting Engine Memory Corruption (MS15-124: CVE-2015-6139)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer parses an iCalendar ICS file. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...
Microsoft Internet Explorer Information Disclosure (MS15-124: CVE-2015-6157)
An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Microsoft Internet Explorer while handling unsafe command line parameters. A remote attacker can exploit this issue by enticing a user to open a specially crafted...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6153)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an out of bounds memory access. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affected version of Internet Explorer...
Microsoft Office Memory Corruption (MS15-131: CVE-2015-6122) - ver 2
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6134)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer verifies an argument of a certain function. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page wi...
Microsoft Graphics Component Memory Corruption (MS15-128: CVE-2015-6107)
A remote code execution vulnerability has been reported in Microsoft Graphics Component. The vulnerability involves an integer overflow leading to a buffer overflow in an internal graphics routine. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6150)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has been deleted. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6147)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6151)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6162)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6142)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6140)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
Microsoft Scripting Engine Memory Corruption (MS15-124: CVE-2015-6136)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
Microsoft Edge Memory Corruption (MS15-125: CVE-2015-6168)
A memory corruption vulnerability exists in Microsoft Edge. The vulnerability is because the program fails to detect a returned error value, resulting in an out-of-bounds read condition. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a...
Microsoft Windows Media Center Remote Code Execution (MS15-134: CVE-2015-6131)
A flaw has been reported in Windows Media Center when parsing MCL files. This flaw could allow malicious users to execute arbitrary code on a target Windows system by enticing the victim to open a specially crafted Media Center file...
Microsoft Office Memory Corruption (MS15-131: CVE-2015-6124)
A Memory corruption vulnerability exists in Microsoft Word. The vulnerability is caused when Microsoft Word does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a specially crafted Word file...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6152)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer XSS Filter Bypass (MS15-124: CVE-2015-6164)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Outlook Embedded OLE Object (MS15-131: CVE-2015-6172)
A sandbox bypass vulnerability, known as BadWinMail, exists in Microsoft Outlook. The vulnerability is due to the support provided by Outlook for two file formats that are being parsed automatically by Outlook which does not run under a sandbox and has medium integrity level. A remote attacker ca...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6141)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6146)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6143)
A use after free vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error in manipulating CAttrArray objects. Successful exploitation could cause memory corruption in a way that would allow attackers to execute code on the target...
Microsoft Internet Explorer Use After Free Remote Code Execution (MS15-124: CVE-2015-6148)
A use after free vulnerability exists in Microsoft Internet Explorer. The vulnerability occurs when Internet Explorer attempts to retrieve the common ancestor for nodes that are already dead, resulting in dereferences to invalid pointers. A remote attacker can exploit this issue by enticing a...
Linux Shellcode Remote Code Execution
A remote code execution vulnerability has been reported in Linux. A remote attacker can exploit this issue by sending a specially crafted request to the victim. Successful exploitation would allow an attacker to execute arbitrary code on the target machine...
Labtam ProFTP Client Banner Buffer Overflow (CVE-2009-3976)
Labtam ProFTP is vulnerable to a buffer overflow, caused by improper bounds checking. A remote attacker could exploit this vulnerability via an overly long welcome message to overflow a buffer and execute arbitrary code on the system with elevated privileges or cause the service to crash...
WordPress PHP Movie Parameter Redirection
A website redirection vulnerability has been reported in WordPress. Successful exploitation of this vulnerability would allow a remote attacker to redirect the clients who access a WordPress website to an attacker-controlled page, and infect the client host...
Network Time Protocol Daemon Pidfile Driftfile Arbitrary File Overwrite (CVE-2015-7709)
An arbitrary file overwrite vulnerability exists in the Network Time Protocol daemon NTPD. The vulnerability is due to NTPD allowing remote clients to change the pidfile and driftfile configuration options to any arbitrary file, allowing any file on the target system to be overwritten. A remote,...
IBM Tivoli Storage Manager FastBack Server Opcode 1329 Directory Traversal (CVE-2015-1941)
A directory traversal vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient input validation of parameters in opcode 1329 requests. A remote unauthenticated attacker could exploit this vulnerability by sending crafted requests to port...
WordPress W3 Total Cache and W3 Super Cache PHP Code Execution (CVE-2013-2010)
A remote code execution vulnerability has been reported in WordPress W3 Total and Super Cache Plugins. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary code on the affected system...
WordPress W3 Total Cache Security Credentials Hash Extract
A hash extract vulnerability has been reported in WordPress W3 Total Cache Plugin. Successful exploitation of this vulnerability would allow a remote attacker to obtain username and password hashes from affected WordPress servers...
AlienVault Unified Security Management av-forward Deserialization Remote Code Execution
A remote code execution vulnerability has been reported in AlienVault Unified Security Management, specifically the av-forward service. The vulnerability is due to deserialization of objects from untrusted sources. A remote unauthenticated attacker could exploit this vulnerability by sending a...
Dell Foundation Services Root Certificate Man-in-the-Middle Attack
A security bypass vulnerability exists in Dell Foundation Services, as a result of using an insecure certificate eDellRoot. Successful exploitation would allow attackers to decrypt and manipulate online traffic between other parties...
IBM WebSphere Application Server Commons-Collections Library Remote Code Execution (CVE-2015-7450)
A remote code execution vulnerability has been reported in IBM WebSphere Application Server. The vulnerability is due deserialization of untrusted data while having the vulnerable version of Apache Commons-Collections library in the code path. A remote, unauthenticated attacker can exploit this...
ManageEngine OpManager SubmitQuery IntegrationUser SQL Code Execution (CVE-2015-7765; CVE-2015-7766)
An SQL code execution vulnerability exists in ManageEngine OpManager. By sending crafted requests to an affected server, a remote attacker can exploit this vulnerability to execute arbitrary SQL commands with Administrator privileges which can further lead to arbitrary code execution in the...
Reprise License Manager edit_lf_process Directory Traversal
A directory traversal vulnerability exists in the Reprise License Manager. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/goform/editlfprocess" URI. A remote unauthenticated attacker can leverage this vulnerability by sending crafted HTTP request...