13538 matches found
Novell GroupWise WebAccess Cross-Site Scripting (CVE-2014-0611)
A cross-site scripting vulnerability exists in Novell GroupWise WebAccess. The vulnerability is due to lack of input validation when handling email attachments. A remote, unauthenticated attacker can exploit this vulnerability by enticing a target user to view crafted web content. A successful...
Adobe Flash Player Use After Free Remote Code Execution (APSB15-16: CVE-2015-3132)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...
Adobe Acrobat and Reader Memory Corruption (APSB15-15: CVE-2015-5104)
A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Acrobat and Reader Memory Corruption (APSB15-15: CVE-2015-5103)
A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Flash Player Type Confusion (APSB15-16: CVE-2015-3120)
A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...
Adobe Acrobat and Reader Use-After-Free (APSB15-15: CVE-2015-5111; CVE-2015-5113)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Flash Player Memory Corruption (APSB15-16: CVE-2015-3130)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Acrobat and Reader Integer Overflow (APSB15-15: CVE-2015-5097)
An integer overflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Acrobat while parsing a specially crafted TIFF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted TIFF file...
Adobe Reader Memory Corruption (APSB15-15: CVE-2015-5100)
A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Acrobat And Reader Use-After-Free (APSB15-15: CVE-2015-5099)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Acrobat and Reader Memory Corruption (APSB15-15: CVE-2015-5101)
A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Oracle Data Quality Trillium Based SetEntities Type Confusion (CVE-2015-0444)
A remote code execution vulnerability exists in Oracle Data Quality TSS12.LoaderWizard.lwctrl ActiveX control. The vulnerability is due to a type confusion when handling data passed to SetEntities. A remote attacker can exploit this vulnerability by enticing a user to access a maliciously crafted...
Adobe Acrobat and Reader Stack Underflow (APSB15-15: CVE-2015-5098)
A stack underflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted EMF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file...
Adobe Acrobat and Reader Memory Corruption (APSB15-15: CVE-2015-5102)
A remote code execution vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to a use-after-free error in Adobe Reader and Acrobat while handling a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a...
Adobe Acrobat and Reader Use-After-Free Remote Code Execution (APSB15-15: CVE-2015-5095)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Acrobat And Reader JavaScript API code execution (APSB15-15: CVE-2015-5086)
A Restrictions Bypass Privileged JavaScript API Execution Vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the use of trusted function which provides certain privileges that allows overwriting objects. A remote attacker can exploit this vulnerability by enticing the...
Adobe Acrobat and Reader Buffer Overflow (APSB15-15: CVE-2015-5093)
A buffer overflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Acrobat and Reader Memory Corruption (APSB15-15: CVE-2015-5094)
A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
GNU wget FTP Remote File Creation (CVE-2014-4877)
An input validation error exists in wget. The vulnerability can occur when wget retrieves files or directories over FTP that are or that contain symlinks. A remote attacker can exploit this vulnerability by creating a crafted FTP directory listing on a server and enticing a user to open the FTP...
ISC BIND Invalid TKEY Query Denial Of Service (CVE-2015-5477; CVE-2020-8625)
A denial of service vulnerability has been reported in ISC BIND DNS servers. The vulnerability is due to the way that the DNS server improperly handles invalid TKEY resource records. A remote attacker may exploit this issue by sending a specially crafted DNS query to a DNS server. Successful...
Multiple OS Malicious Shellcode Remote Code Execution
Numerous shellcodes exist that aim at exploiting remote machines, in order to take control over them or run malicious code. The download or transfer of these payloads might indicate an attack is underway...
Suspicious JavaScript Web Redirection
The page contains suspiciously obfuscated web redirection...
Angler Exploit Kit Landing Page Patterns
Angler exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Angler exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code Execution o...
Adobe Acrobat and Reader Memory Corruption (APSB15-15: CVE-2015-5087)
A memory corruption vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error while loading a PDF containing a malicious JavaScript code. A remote attacker may exploit this issue by enticing a target user to open a malicious PDF file with an affected versio...
Adobe Acrobat and Reader Security Bypass (APSB15-15: CVE-2015-4447)
A security bypass vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a specially crafted PDF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted PDF file...
Adobe Acrobat and Reader Use After Free Code Execution (APSB15-15: CVE-2015-4448)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
WordPress Comment SQL Injection (CVE-2015-2213)
An SQL injection vulnerability has been reported in WordPress Comments. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
WordPress post Request Privilege Escalation (CVE-2015-2212; CVE-2015-5623)
A privilege escalation vulnerability has been found in WordPress Post Request. An authenticated remote attacker may leverage this vulnerability to gain access From Subscriber to certain Editor capabilities of the vulnerable server...
ClamAV UPX File Handling Integer Overflow (CVE-2015-2170)
An integer overflow vulnerability exists in ClamAV Antivirus software. The vulnerability is due to an error in "upx.c" while parsing UPX-packed executable files. A remote attacker could exploit this vulnerability to cause a denial of service condition on the target system...
Adobe Flash Player Same Origin Policy Bypass (APSB15-16: CVE-2014-0578)
A security bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Potentially Malicious Web Site
Some Web sites include heavily-obfuscated JavaScript code, hidden redirection iframe, and other methods to cause unintended browser behavior. This protection blocks such potentially-malicious code from being downloaded to the user's browser...
Adobe Flash Player Use After Free Remote Code Execution (APSB15-16: CVE-2015-3127; CVE-2015-3131)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...
Adobe Flash Use After Free Code Execution (APSB15-16: CVE-2015-3128; CVE-2015-3136; CVE-2015-3137; CVE-2015-4428)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...
PHP Multiple Function Stack Buffer Overflow (CVE-2015-3329; CVE-2016-10159)
A buffer overflow vulnerability exists in PHP. The vulnerability is due to improper bounds checking when handling .tar, .phar or .zip archives in the pharsetinode function or pharparsepharfile function. A remote attacker can exploit this vulnerability by providing a crafted .tar or .phar file to ...
IBM Lotus Notes Attachment Viewer UUE File Handling Buffer Overflow - ver 2 (CVE-2005-2618)
Lotus Notes is a client-server collaborative software and email system provided by IBM. The Lotus Notes email client application is capable of communicating with email servers over the SMTP, POP and IMAP protocols. There exists a buffer overflow vulnerability in IBM Lotus Notes Attachment Viewer...
Microsoft Office Remote Code Execution (MS15-059: CVE-2015-1759)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to improper handling of objects in memory while parsing a specially crafted Office file. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted Office fil...
Microsoft Office Remote Code Execution (MS15-059: CVE-2015-1760)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to improper handling of objects in memory while parsing a specially crafted Office file. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted Office fil...
Adobe Flash Player Type Confusion (APSB15-16: CVE-2015-3121)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a type confusion condition while handling a malformed SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file. Successful...
Fiesta Exploit Kit Landing Page
Fiesta is an exploit kit used by attackers targeting computer users. Remote attackers can infect users with Fiesta by enticing them to visit a malicious landing page...
cURL and libcurl Cookie Path Parsing Remote Code Execution (CVE-2015-3145)
A heap buffer underflow vulnerability exists in cURL and libcurl. The vulnerability is due error when parsing a cookie path in an HTTP response. A remote, unauthenticated attackers can exploit this vulnerability by enticing user to perform a cURL on a crafted URL or provide malicious HTTP respons...
Samsung Security Manager ActiveMQ Broker Service Multiple Vulnerabilities (CVE-2015-1499)
Multiple policy bypass vulnerabilities have been reported in Samsung Security Manager. The vulnerabilities are due to the permitting of unauthenticated PUT, MOVE and DELETE requests on the server. A remote unauthenticated attacker could exploit this vulnerability by sending a PUT, MOVE or DELETE...
Microsoft Windows Media Player Remote Code Execution (MS15-057; CVE-2015-1728)
A remote code execution vulnerability has been reported in Microsoft Windows Media Player. The vulnerability is due to an error in Microsoft Windows Media Player while handling specially crafted DataObjects. A remote attacker could trigger this flaw by convincing a victim to open a specially...
Adobe Flash Player Type Confusion (APSB15-16: CVE-2015-3119)
A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...
PHP phar_parse_tarfile method Integer Overflow (CVE-2015-4021)
An integer overflow vulnerability exists in PHP. The vulnerability is due to an issue with the parsing of TAR files by pharparsetarfile. A remote attacker can exploit the vulnerability by sending crafted data to a web application running a vulnerable version of PHP. Successful exploitation could...
Microsoft Windows ATMFD Font Driver Kernel Pool Overflow (MS15-078: CVE-2015-2426)
A flaw has been discovered in Microsoft Windows OTF files. Successful exploitation could lead to a kernel pool overflow when a system attempt to copy data results in memory corruption...
Panasonic Security API SDK MulticastAddr Stack Buffer Overflow (CVE-2015-4648)
A buffer overflow vulnerability exists in Panasonic Security API SDK, Ipropsapi.ipropsapiCtrl.1 ActiveX Control component. The vulnerability is due to a lack of boundary checks on a parameter passed to the MulticastAddr method. A remote attacker can exploit this vulnerability by enticing the vict...
Adobe Flash Player Memory Corruption (APSB15-16: CVE-2015-3117)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Flash Use After Free Code Execution (APSB15-16: CVE-2015-3118)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...
HP LoadRunner launcher.dll Stack Buffer Overflow (CVE-2015-2110)
A stack buffer overflow vulnerability exists in HP LoadRunner. The vulnerability is due to insufficient validation of a length value in SSL communication with the HP LoadRunner. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted request to the vulnerab...
WebUI mainfile.php Arbitrary Command Injection
An arbitrary command injection vulnerability exists in WebUI. The vulnerability is due to insufficient validation of multiple parameters in "mainfile.php" when handling HTTP requests. A remote, authenticated attacker can exploit this vulnerability by sending maliciously crafted input to the...