13538 matches found
DIY-CMS blog mod SQL Injection (CVE-2011-5140)
An SQL injection vulnerability has been reported in DIY-CMS blog mod. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
PhpGedView File Inclusion and PHP Code Injection Vulnerabilities (CVE-2011-0405)
PhpGedView is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process...
Adobe Flash Player Memory Corruption (APSB15-19: CVE-2015-5126)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Google Android Stagefright 3GPP Integer Underflow (CVE-2015-3828)
A remote code execution vulnerability, known as Stagefright Vulnerability, has been reported in Android devices core. The vulnerability is due to an integer underflow condition in multiple MP4 atoms. Successful exploitation would allow an attacker to execute arbitrary code on the target system...
Google Android Stagefright 3GPP Metadata Buffer Overread (CVE-2015-3826)
A denial of service vulnerability ,known as Stagefright Vulnerability, has been reported in Android devices core. The vulnerability is due to a buffer overread in 3GPP Metadata. Successful exploitation could result in a denial of service condition...
Google Android Stagefright MP4 Multiple Atoms Integer Underflow (CVE-2015-1539; CVE-2015-3827)
A remote code execution vulnerability, known as Stagefright Vulnerability, has been reported in Android devices core. The vulnerability is due to an integer underflow condition in multiple MP4 atoms. Successful exploitation would allow an attacker to execute arbitrary code on the target system...
Adobe Flash Player Use After Free Code Execution (APSB15-19: CVE-2015-3107; CVE-2015-5565)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error while loading specially crafted SWF files. A remote attacker can exploit this issue by enticing the victim to open a specially crafted SWF file...
Google Android Stagefright MP4 Multiple Atoms Integer Overflow (CVE-2015-1538; CVE-2015-3824; CVE-2015-3829; CVE-2015-3864)
A remote code execution vulnerability, known as Stagefright Vulnerability, has been reported in Android devices core. The vulnerability is due to an integer overflow condition in multiple MP4 atoms. Successful exploitation would allow an attacker to execute arbitrary code on the target or to crea...
Adobe Flash Use After Free Code Execution (APSB15-19: CVE-2015-5130)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...
Adobe Flash Player Security Bypass (APSB15-19: CVE-2015-5125)
A security bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to insufficient security restrictions while handling specially crafted SWF files. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file using...
Turnkey Web Tools PHP Live Helper 1.8 Remote File Inclusion (CVE-2006-1477)
A file inclusion vulnerability has been reported in Turnkey Web Tools PHP Live Helper. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Tembria Server Monitor Denial of Service (CVE-2010-1316)
A buffer overflow vulnerability has been reported in Tembria Server Monitor. The vulnerability is due to unknown function of the file index.asp. The manipulation with an unknown input leads to a buffer overflow vulnerability...
Microsoft Office Memory Corruption (MS15-081: CVE-2015-2477)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is caused when the Office software fails to properly validate templates. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...
Microsoft Internet Explorer Information Disclosure (MS15-079: CVE-2015-2423)
An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Microsoft Internet Explorer while handling unsafe command line parameters. A remote attacker can exploit this issue by enticing a user to open a specially crafted...
Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2458)
Remote code execution vulnerabilities exist in Microsoft Windows. The vulnerability is due to an error in the way Microsoft Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. A remote attacker can exploit this issue by enticing a victim to open a specially...
Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2432)
Remote code execution vulnerabilities exist in Microsoft Windows Graphics Component. The vulnerability is due to an error in the way Microsoft Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. A remote attacker can exploit this issue by enticing a victim to...
Microsoft Office Memory Corruption (MS15-081: CVE-2015-2469)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in handling of an uninitialized or deleted object. A remote attacker can exploit this issue by enticing a victim to open a specially crafted office file...
Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2462)
A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted TTF files. A remote attacker can exploit this issue by enticing a user to view TTF files in shared content...
Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2463)
A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted TTF files. A remote attacker can exploit this issue by enticing a user to view TTF files in shared content...
Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2461)
A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted OTF files. A remote attacker can exploit this issue by enticing a user to view OTF files in shared content...
Microsoft Office Integer Underflow (MS15-081: CVE-2015-2470)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is caused when the Office software improperly handles objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a specially crafted office...
Microsoft Internet Explorer Memory Corruption (MS15-079: CVE-2015-2442)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2435)
A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted TTF files. A remote attacker can exploit this issue by enticing a user to open a maliciously crafted TTF file...
Microsoft Internet Explorer Memory Corruption (MS15-079: CVE-2015-2443)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...
Microsoft Internet Explorer Memory Corruption (MS15-079: CVE-2015-2446)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in memory allocation while handling certain JavaScript objects. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an...
Microsoft Internet Explorer Memory Corruption (MS15-079: CVE-2015-2448)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Office Memory Corruption (MS15-081: CVE-2015-2468)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...
Microsoft Internet Explorer Memory Corruption (MS15-079: CVE-2015-2444)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Office Graphics Component Remote Code Execution (MS15-080: CVE-2015-2431)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...
Microsoft Office Component Use After Free (MS15-081: CVE-2015-1642)
A remote code execution vulnerability has been reported in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a...
Microsoft Windows OpenType Font Parsing Remote Code Execution (MS15-080: CVE-2015-2459)
A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way the OpenType Font OTF driver handles objects in memory. A remote attacker can exploit this issue by enticing a target user to open a specially crafted .otf file or web pag...
Microsoft Internet Explorer Memory Corruption (MS15-079: CVE-2015-2450)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Office Memory Corruption (MS15-081: CVE-2015-2467)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...
Microsoft Internet Explorer Memory Corruption (MS15-079: CVE-2015-2452)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2455)
A remote code execution vulnerability has been reported in Microsoft Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted TTF files. A remote attacker can exploit this issue by enticing a user to view TTF files in shared content...
Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2464)
A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted TTF files. A remote attacker can exploit this issue by enticing a user to view TTF files in shared content...
Microsoft Internet Explorer Memory Corruption (MS15-079: CVE-2015-2451)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Graphics Component Remote Code Execution (MS15-080:CVE-2015-2456)
A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted TTF files. A remote attacker can exploit this issue by enticing a user to view TFF files in shared content...
Microsoft Windows OpenType Font Parsing Remote Code Execution (MS15-080: CVE-2015-2460)
A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way the OpenType Font OTF driver handles objects in memory. A remote attacker can exploit this issue by enticing a target user to open a specially crafted web page or email...
Microsoft Windows Kernel Bitmap Handling Use After Free (MS15-061: CVE-2015-1722)
Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and corrupt kernel memory...
Belkin Wireless Router Security Authentication Bypass (CVE-2008-1244)
An authentication bypass vulnerability exists in Belkin routers firmware. The vulnerability is due to the executable "/cgi-bin/setupdns.exe" which does not require authentication. This allows remote attackers to perform administrative actions without authentication...
TP-LINK WR1043N Multiple Cross-Site Request Forgery (CVE-2013-2645)
Multiple cross-site request forgery CSRF vulnerabilities on the TP-LINK WR1043N router with firmware TL-WR1043NDV1120405 allow remote attackers to hijack the authentication of administrators for requests...
Adobe Flash Player Type Confusion (APSB15-16: CVE-2015-3122)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a type confusion condition while handling a malformed SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file. Successful...
Adobe Acrobat and Reader Information Disclosure (APSB15-15: CVE-2014-8450)
An Information Disclosure vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to the support of PDF standard in GotoE and GotoR actions that can be used to navigate to either an embedded resource GotoE or external resource GotoR without user interaction. Attacker...
ManageEngine Multiple Products Multiple SQL Injections (CVE-2014-7868)
An SQL injection vulnerability exists in ManageEngine OpManager, Social IT Plus and IT360. The vulnerability is due to insufficient input validation of the OPMBVNAME parameter when processing requests using the APMBVHandler servlet. A remote attacker can exploit this vulnerability to inject and...
Mozilla Firefox Same Origin Violation And Local File Access (2015-78; CVE-2015-4495)
Same origin violation and local file access vulnerability has been reported in Mozilla Firefox. The vulnerability is due to the mechanism that enforces JavaScript context separation and Firefox's PDF Viewer. Successful exploitation of this vulnerability could allow an attacker to read and obtain...
D-Link DIR-636L Remote Command Injection and Authentication Bypass (CVE-2015-1187)
Remote command injection and authentication bypass vulnerabilities exist in D-Link routers. The vulnerabilities are due to incorrectly filtering input on the 'ping' and 'fwupgrade' tools which allows to inject arbitrary commands into the router and file upload without authentication. A remote...
Adobe Flash Player Memory Corruption (APSB15-16: CVE-2015-3134)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted FLV file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted FLV file...
SolarWinds Storage Manager AuthenticationFilter Policy Bypass
A policy bypass vulnerability has been reported in SolarWinds Storage Manager. The vulnerability is due to an issue where the AuthenticationFilter class fails to properly authenticate users prior to processing requests.A remote unauthenticated user can exploit this vulnerability by sending a...
Adobe Flash Use After Free Code Execution (APSB15-16: CVE-2015-3124)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...