13538 matches found
Adobe Acrobat And Reader Use-After-Free (APSB14-28: CVE-2014-8455)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Reader Memory Corruption (APSB14-28: CVE-2014-8460) - ver 2
Adobe Reader is vulnerable to a buffer overflow while parsing the font data. The access violation occurs because the number of subroutines for the embedded font is larger than the size of the subroutine array which leads to a crash...
Morfeus Security Scanner
Morfeus is a vulnerability scanning product. Remote attackers can use Morfeus to detect vulnerabilities on a target server...
Adobe Flash Player Use After Free Code Execution (APSB14-27: CVE-2014-8443)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error while loading specially crafted SWF files. A remote attacker can exploit this issue by enticing the victim to open a specially crafted SWF file...
Web Clients Cookie Arbitrary Website Redirection
An unsolicited redirection vulnerability has been reported. The vulnerability is due to a design flaw which allows attackers to redirect users to arbitrary websites...
Adobe Acrobat And Reader Use-After-Free (APSB14-28: CVE-2014-9165)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file. Successful exploitatio...
Adobe Flash Player Improper File Validation (APSB15-01: CVE-2015-0301)
An improper file validation issue has been reported in Adobe Flash Player. The vulnerability occurs when the Flash Broker application allows malicious dlls or exes files to be written to one of the whitelisted directories. such a malicious dll dropped in these directories could be used to deliver...
GD Graphics Library PNG Buffer Overflow (CVE-2004-0941)
There is a vulnerability in the way GD Graphics Library parses PNG image files. A malicious file with specially crafted fields can trigger a heap-based buffer overflow. An attacker can exploit this vulnerability to create a denial of service condition or execute arbitrary code...
Microsoft Windows Media Player ASX Playlist Parsing Buffer Overflow - ver 2 (CVE-2006-6134)
A buffer overflow vulnerability has been reported in Microsoft Windows Media Player. The vulnerability is due to a buffer overflow error when processing malformed ASX file. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Multiple Web Servers Archived Link Information Disclosure
An information disclosure vulnerability has been reported in some Linux servers. By uploading a specially crafted compressed archive file a remote attacker may leverage this vulnerability to gain access to sensitive information. Successful exploitation will allow the attacker to gain access to...
Adobe Reader Javascript API Information Disclosure (APSB14-28: CVE-2014-8448)
An information disclosure vulnerability has been reported in Adobe Reader. The vulnerability is due to an error in the way Adobe Reader handles specially crafted PDF files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted PDF file...
OpenSSL Ephemeral ECDH Cipher Suite Handshake Downgrade (CVE-2014-3572)
A vulnerability has been detected in the way OpenSSL handles TLS handshakes involving certain cipher suites. An attacker might leverage this vulnerability to impersonate a server and intercept secure communications...
Netscape NSS Library Record Parsing Buffer Overflow (CVE-2004-0826)
A vulnerability exists in Netscape Network Security Services NSS library's SSLv2 message parsing routines...
WordPress VideoWhisper Live Streaming Integration Plugin Unrestricted File Upload (CVE-2014-1905)
An unauthorized file upload vulnerability has been reported in VideoWhisper Live Streaming Integration plugin for WordPress. A remote attacker could exploit this vulnerability by uploading a file to a server running the vulnerable application. Successful exploitation of this vulnerability could...
Magnitude Exploit Kit Landing Page
Magnitude exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Magnitude exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code...
Astrum Exploit Kit Landing Page
Astrum exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Astrum exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code Execution o...
Gondad Exploit Kit Landing Page
Gondad exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Gondad exploit kit by enticing them to visit a malicious web page. Successful infection will compromise the security of all data on the victim's...
Angler Exploit Kit Landing Page - Ver 2
Angler exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Angler exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code Execution o...
Sweet Orange Exploit Kit Landing Page
Sweet Orange exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Sweet Orange exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code...
Creative Software AutoUpdate Engine CTSUEng.ocx ActiveX Control Buffer Overflow (CVE-2008-0955)
A remote code execution vulnerability has been reported inCreative Software AutoUpdate Engine. The vulnerability is due to boundary errors within the AutoUpdate Engine ActiveX control CTSUEng.ocx. A remote attacker can exploit this vulnerability by enticing a user to open a malicious web page...
Angler Exploit Kit Landing Page
Angler exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Angler exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code Execution o...
Angler Exploit Kit Landing Page URL
Angler exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Angler exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code Execution o...
Wordpress Ajax Store Locator Arbitrary File Download
An arbitrary file download vulnerability exists in Wordpress Ajax Store Locator. The vulnerability is due to a parameter arriving from user input, which is not properly sanitized. A remote attacker might gain access to arbitrary files using a specially crafted request...
Adobe Flash Player Memory Corruption (APSB14-27: CVE-2014-0587)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
WordPress Symposium Plugin Unauthenticated Shell Upload (CVE-2014-10021)
WordPress Symposium plugin allows user to upload files without proper validation of file type. Successful exploitation of this issue may allow execution of arbitrary code on a vulnerable system...
ManageEngine NetFlow Analyzer And IT360 Multiple servlets Arbitrary File Download (CVE-2014-5445)
An arbitrary file download vulnerability exists in ManageEngine Netflow Analyzer and IT360. The vulnerability is due to lack of authentication and insufficient input validation of the schFilePath parameter sent to servlets in HTTP requests. A remote unauthenticated attacker can download arbitrary...
ActualScripts ActualAnalyzer Cookie Command Execution
A command execution vulnerability exists in ActualAnalyzer. The vulnerability is due to insufficient input validation when handling cookie values. A remote unauthenticated attacker can exploit this vulnerability by sending an HTTP request with a crafted cookie value. Successful exploitation could...
Adobe Flash Player Memory Corruption (APSB14-24: CVE-2014-8441)
A memory corruption vulnerability has been reported in Adobe Flash Player. Successful exploitation of this vulnerability may allow the attacker to access unmapped memory on the target system...
Advantech WebAccess SCADA webeye.ocx ip_address Parameter Buffer Overflow - ver 2 (CVE-2014-8388)
A stack buffer overflow exists in Advantech's WebAccess SCADA software. The vulnerability is due to insufficient input validation of the ipaddress parameter contained in the webeye.ocx ActiveX control, a part of the WebAccess Client. A remote, unauthenticated attacker could exploit this...
Advantech ADAMView Display Properties Parameter Remote Code Execution (CVE-2014-8386)
A remote code execution vulnerability has been reported in Advantech ADAMView. The vulnerability is due to insufficient validation of display properties from a file. A remote attacker can exploit this vulnerability by enticing a user to download and process a maliciously crafted file...
Adobe Acrobat and Reader Stack Buffer Overflow (APSB13-02: CVE-2013-0610)
A stack overflow vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Acrobat and Reader while parsing a specially crafted file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...
Peercast URL Format String Exploit Code Execution - Ver2 (CVE-2005-1806)
A code execution vulnerability has been reported in Peercast. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Wireshark ENTTEC DMX Data Buffer Overflow - Ver2 (CVE-2010-4538)
A buffer overflow vulnerability has been reported in Wireshark. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Php libpath Parameter PHP Code Execution - Ver2 (CVE-2006-1688)
A code execution vulnerability has been reported in Squery. An attacker could exploit this vulnerability via a URL in the libpath parameter to scripts in the lib directory including ase.php, devi.php, doom3.php, et.php, flashpoint.php, gameSpy.php, gameSpy2.php, gore.php, gsvari.php, halo.php,...
OpenSSL DTLS Retransmission Denial of Service - Ver2 (CVE-2013-6450)
A denial-of-service vulnerability has been reported in OpenSSL Project OpenSSL. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
AltN WebAdmin USER Buffer Overflow - Ver2 (CVE-2003-0471)
A buffer overflow vulnerability has been reported in Alt-N Webadmin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Firefox wyciwyg Cache Manipulation Flaw Information Disclosure - Ver2 (CVE-2007-3656)
An information disclosure vulnerability has been reported in Mozilla Firefox. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
SIP Display Field CrossSite Scripting - Ver2 (CVE-2007-2191)
A cross-site scripting vulnerability has been reported in Freepbx. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Mozilla Firefox documentwrite Buffer Overflow - Ver2 (CVE-2010-3179)
A buffer overflow vulnerability has been reported in Mozilla Firefox, Mozilla Thunderbird and Mozilla SeaMonkey. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Mozilla Firefox Javascript Engine Code Execution - Ver2 (CVE-2006-3806)
A code execution vulnerability has been reported in Mozilla Firefox, Mozilla Thunderbird and Mozilla SeaMonkey. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
MediaDescriptiondispvalue DoS - Ver2 (CVE-2006-3897)
A denial-of-service vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Facebook Photo Uploader ActiveX Control FileMask Method Buffer Overflow - Ver2 (CVE-2008-0660)
Facebook is a social networking website which allows its users to publish their photos. The website publishes an ActiveX control, ImageUploader4.ocx, to assist photo uploading. A buffer overflow vulnerability exists in the Facebook Photo Uploader ActiveX control. The flaw is due to a boundary err...
SAP GUI TabOne ActiveX Control Caption List Buffer Overflow - Ver2 (CVE-2008-4827)
The SAP GUI is the GUI client in SAP's 3-tier architecture of database, application server and client. The SAP GUI family is available for Windows, Java, and HTML/Internet Transaction Server ITS environment. There exists a buffer overflow vulnerability in the SAP GUI. Remote attackers can exploit...
Internet Explorer WMF CreateBrushIndirect DoS - Ver2 (CVE-2006-4071)
A denial-of-service vulnerability has been reported in Microsoft Windows XP and Microsoft Windows Server 2003. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
BEA WebLogic SSL Handling Denial of Service weblogic attack - Ver2 (CVE-2004-2424)
A denial-of-service vulnerability has been reported in BEA Systems WebLogic Server. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Android 26 Kernel Level SD card Write Denial of Service - Ver2 (CVE-2013-1773)
A denial-of-service vulnerability has been reported in Linux kernel before version 3.3. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Internet Explorer OnLoad Event Memory Corruption (MS11-081) - Ver2 (CVE-2011-1997)
A memory corruption vulnerability has been reported in Internet Explorer. The vulnerability is due to an error in the way IE accesses objects that have been deleted. A remote attacker may exploit this vulnerability by enticing a user to open a malicious web-page. Successful exploitation may cause...
Microsoft Fax Cover Page Editor Buffer Overflow - Ver2 (CVE-2010-4701)
A heap buffer overflow vulnerability has been discovered in Microsoft Windows Fax Services. The Windows Fax Service is a component that allows a Windows system to act as a Fax server. One of the tools within this fax suite is the Fax Console, which allows a user to monitor the sending and receivi...
Apache HTTP Server mod_dav MERGE Request Denial of Service - Ver2 (CVE-2013-1896)
A denial of service vulnerability has been reported in the moddav component of Apache HTTP Server. The vulnerability is due to a NULL pointer dereference when processing a MERGE request with a URI whose source href points to a non-DAV configured URI. A remote attacker can send a crafted HTTP...
Windows Explorer (explorer.exe) AVI Right Click Denial of Service - Ver2 (CVE-2007-0562)
A denial-of-service vulnerability has been reported in Microsoft Windows Explorer. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...