13538 matches found
Microsoft Edge security bypass (MS15-094: CVE-2015-2484)
A tampering vulnerability has been reported in Microsoft Edge. The vulnerability is due to improper misuse of the COM interface. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Edge...
Microsoft Windows Media Center Remote Code Execution (MS15-100: CVE-2015-2509)
A flaw has been reported in Windows Media Center when parsing MCL files. This flaw could allow malicious users to execute arbitrary code on a target Windows system by enticing the victim to open a specially crafted Media Center file...
Revived Wire Media PHP File Manager Username Backdoor
An attacker might use a backdoor which exists in PHP File Manager's user database. A successful exploitation might allow the attacker to create an administrator user on vulnerable installations or to run arbitrary code...
Microsoft Internet Explorer Memory Corruption (MS15-094: CVE-2015-2498)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...
Microsoft Internet Explorer Memory Corruption (MS15-094: CVE-2015-2485)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer handle element identifiers since it fails to detect a specific failure case which can be abused to corrupt arbitrary memory. A remote attacker can exploit...
Microsoft Internet Explorer Memory Corruption (MS15-094: CVE-2015-2487)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer Memory Corruption (MS15-094: CVE-2015-2486)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory . A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...
Microsoft Internet Explorer Memory Corruption (MS15-094: CVE-2015-2499)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer dealing with an object that can cause an out-of-bound memory access. A remote attacker can exploit this issue by enticing a user to open a...
Microsoft Internet Explorer Information Disclosure (MS15-094: CVE-2015-2483)
An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Microsoft Internet Explorer while handling unsafe command line parameters. A remote attacker can exploit this issue by enticing a user to open a specially crafted...
Microsoft Windows OpenType Font Parsing Denial Of Service (MS15-097: CVE-2015-2506)
A denial of service vulnerability exists in Microsoft Windows. The vulnerability is caused when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. A remote attacker can exploit this issue by enticing a target user to open a specially crafted file...
Microsoft Internet Explorer Memory Corruption (MS15-094: CVE-2015-2493)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Windows Journal Remote Code Execution (MS15-098: CVE-2015-2513)
A remote code execution vulnerability has been reported in Microsoft Windows Journal. The vulnerability is due to the way Windows Journal processes specially crafted jnt files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted jnt file...
Matt Wright FormMail Multiple cross-site scripting (XSS) vulnerabilities (CVE-2009-1776; CVE-2009-1777)
FormMail is prone to an HTTP-response-splitting vulnerability and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user, steal...
Ajax File Browser settings.inc.php File Inclusion (CVE-2007-4921)
A remote file inclusion vulnerability has been reported in Ajax File Browser. The vulnerability is due to lack of sanitization for user-supplied data. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected systems...
Form Mail Script Formmail.inc.php File Inclusion (CVE-2005-0678)
A PHP remote file inclusion vulnerability has been reported in Form Mail Script. A remote attacker could trigger this flaw by executing an arbitrary PHP code after modifying the scriptroot to reference a URL on a remote web server that contains the code...
Microsoft Edge Memory Corruption (MS15-094: CVE-2015-2488; CVE-2015-2488)
A remote code execution vulnerability has been reported in Microsoft Edge. The vulnerability is due to an error in the way that Microsoft Edge accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...
WordPress All-in-One Migration Plugin Export
An unauthenticated download vulnerability has been reported in WordPress All-in-One Migration Plugin. Successful exploitation of this vulnerability would allow a remote attacker to receive the affected system's database...
Tropicalm Crowell Resource RESPATH File Inclusion (CVE-2007-2530)
A remote file inclusion vulnerability has been reported in Tropicalm Crowell Resource. The vulnerability is due to lack of sanitization for user-supplied data. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected systems...
WordPress Theme Photocrati SQL Injection (CVE-2015-2216)
An SQL injection has been reported in WordPress Theme Photocrati. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Focus SIS staticpath File Inclusion (CVE-2007-4807)
A remote file inclusion vulnerability has been reported in Focus SIS. The vulnerability is due to lack of sanitization for user-supplied data. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected systems...
Malicious Mail Payload Containing JavaScript Downloader
Certain malicious executable files can be hidden using js downloader file. A remote attacker could exploit this vulnerability to entice unsuspecting users to execute arbitrary files...
Nmap Scripting Engine Scanner Over HTTP Request
Nmap Scripting Engine is a vulnerability scanning product. Remote attackers can use Nmap Scripting Engine to detect vulnerabilities on a target server...
AjaxPortal di.php File Inclusion (CVE-2009-2262)
A remote file inclusion vulnerability has been reported in AjaxPortal. The vulnerability is caused due to improper handling of crafted URL using the "pathtoserverdata" parameter. Successful exploitation will let the remote attacker to execute arbitrary PHP code...
Muieblackcat PHP Scanner
Muieblackcat is a vulnerability scanning product. Remote attackers can use Muieblackcat to detect vulnerabilities on a target server...
FTP ftpchk3.php File Upload
A file upload vulnerability has been reported in FTP servers. The uploaded file is ftpchk3.php which contains a virus. This virus changes all web files, PHP, HTML, Javascript and TPL files in CMS systems to add a malicious script into the site. Successful exploitation of this vulnerability could...
Mozilla Products Malformed GIF Buffer Overflow (CVE-2005-0399)
A vulnerability exists in the way Mozilla products parse certain extension blocks in GIF image files. A specially crafted value can trigger a heap-based buffer overflow. An attacker can exploit this flaw to execute arbitrary code on the target with the privileges of the currently logged in user...
NetIQ Security Solutions for ISeries SafeShellExecute Stack Buffer Overflow (CVE-2015-0795)
A vulnerability has been reported in NetIQ Security Solutions for ISeries. The vulnerability is due to a stack buffer overflow in the NetIQExecObject.NetIQExec ActiveX Control when processing parameters to the SafeShellExecute function. A remote attacker can exploit this vulnerability by enticing...
WordPress Business Intelligence Lite Plugin SQL Injection
An SQL injection vulnerability has been reported in WordPress Business Intelligence Lite Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Adobe Flash Player Buffer Overflow (APSB15-19: CVE-2015-5132)
A buffer overflow vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Acrobat Reader Cross-Site Scripting (APSB15-15 : CVE-2015-5092)
A cross site vulnerability has been discover in Adobe Reader and Acrobat. A remote attacker could trigger this issue via a specially crafted HTTP request. Successful exploitation will allow the attacker to execute a cross-site scripting attack...
Adobe Flash Player Memory Corruption (APSB15-19: CVE-2015-5548)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue and lead to code execution...
Adobe Acrobat And Reader JavaScript API code execution (APSB15-15: CVE-2015-5085)
A Restrictions Bypass Privileged JavaScript API Execution Vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the use of trusted function which provides certain privileges that allows overwriting objects. A remote attacker can exploit this vulnerability by enticing the...
Adobe Acrobat and Reader Integer Overflow (APSB15-15: CVE-2015-5108)
An integer overflow vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a specially crafted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF...
Adobe Acrobat and Reader Memory Leak (APSB15-15: CVE-2015-5107)
A memory leak vulnerability has been reported in Adobe Reader. The vulnerability is due to an error in Adobe Reader while handling specially crafted PDF files. A remote attacker can exploit this issue by enticing a target user to open a malicious website containing a specially crafted PDF file...
Adobe Reader and Acrobat Security Bypass (APSB15-15: CVE-2015-4449)
A Security Bypass vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...
Adobe Acrobat and Reader Integer Overflow (APSB15-15: CVE-2015-5109)
An integer overflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Acrobat while parsing a specially crafted pdf file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted pdf file...
PHPInfo Large Input Cross-Site Scripting (CVE-2006-0996)
PHP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site...
Mitsubishi MX Component v3 ActiveX Buffer Overflow (CVE-2013-3075)
A code execution vulnerability has been reported in Mitsubishi's MX PLC component. The vulnerability is due to insufficient validation of input by several functions. A remote attacker can exploit this vulnerability by enticing a user to visit a maliciously crafted website. This can lead to code...
Adobe Acrobat and Reader Denial of Service (APSB15-15: CVE-2015-5091)
A denial of service vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to invalid data. A remote attacker can exploit this issue by enticing a target user to open a specially crafted file...
Adobe Acrobat and Reader Memory Corruption (APSB15-15: CVE-2015-5105)
A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while converting a PCX file to PDF. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PCX file wit...
Adobe Acrobat and Reader Security Bypass (APSB15-15: CVE-2015-5089)
A security bypass vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a specially crafted PDF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted PDF file...
IBM Lotus Domino BMP Color Palette Stack Buffer Overflow (CVE-2015-1903)
A stack buffer overflow vulnerability has been reported in IBM Lotus Domino. The vulnerability is due to improper bounds checking while parsing a BMP image with an overly large color palette. A remote attacker could trigger this flaw by sending a specially crafted BMP file...
Adobe Reader and Acrobat JavaScript bypass security restrictions (APSB15-15 : CVE-2015-4451)
A remote code execution vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to the way Adobe Reader handles certain API functions, that could lead to bypass restrictions. A remote attacker can exploit this issue by enticing a target user to open a specially craft...
Adobe Acrobat And Reader JavaScript API Code Execution (APSB15-15: CVE-2015-4452)
A Restrictions Bypass Privileged JavaScript API Execution Vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the use of trusted function which provides certain privileges that allows overwriting objects. A remote attacker can exploit this vulnerability by enticing the...
Adobe Flash Player Type Confusion (APSB15-19: CVE-2015-5562)
A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...
Adobe Flash Use After Free Code Execution (APSB15-19: CVE-2015-5551)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...
Adobe Flash Player Type Confusion (APSB15-19: CVE-2015-5554)
A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...
Adobe Flash Player Memory Corruption (APSB15-19: CVE-2015-5564)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...
Adobe Acrobat And Reader JavaScript API Code Execution (APSB15-15: CVE-2015-4435)
A Restrictions Bypass Privileged JavaScript API Execution Vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the use of trusted function which provides certain privileges that allows overwriting objects. A remote attacker can exploit this vulnerability by enticing the...
Adobe Acrobat and Reader Security Bypass (APSB15-15: CVE-2015-5090)
A security bypass vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Acrobat and Reader while parsing a corrupted file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...