Firefox SVG Cross-Domain Cookie Setting (CVE-2016-9078)
A cross-domain cookie vulnerability exists in Firefox. The vulnerability is due to the way that Firefox handles cookie creation. A successful attack could lead to the execution of arbitrary code on the affected system...
Trend Micro OfficeScan Proxy.php Command Injection (CVE-2017-11394)
A command injection vulnerability exists in Trend Micro's OfficeScan. The vulnerability is due to improper validation of HTTP parameters within the Proxy.php script. A remote, authenticated attacker could exploit the vulnerability by sending a crafted request to the vulnerable system...
Microsoft Edge Use After Free (CVE-2017-8652)
A use-after-free vulnerability exists in Microsoft Edge. The vulnerability is due to improper access of objects in memory. A remote attacker can exploit this vulnerability by enticing a victim to open a maliciously crafted web page...
Mitsubishi Electric E-Designer SetupAlarm Font Stack Buffer Overflow (CVE-2017-9638)
A stack-based buffer overflow vulnerability exists in Mitsubishi Electric E-Designer. The vulnerability is due to missing input validation of the Font property in the SetupAlarm section of the .mpa project file. A remote attacker can exploit this vulnerability by enticing a user to visit a...
HPE Intelligent Management Center dbman RestoreDBase Command Injection (CVE-2017-5817; CVE-2017-5819)
A command injection vulnerability exists in the dbman component of HPE Intelligent Management Center. The vulnerability exists due to missing validation of user-provided parameters when handling RestoreDBase commands for MSSQL and MySQL databases. A remote, unauthenticated attacker can exploit th...
McAfee SaaS Remote Command Execution
A remote command execution vulnerability exists in McAfee Security-as-a-Service (SaaS). The vulnerability is due to a failure in a parameter check. Successful exploitation may result in remote code execution...
Dell Storage Manager EmWebsiteServlet Directory Traversal (CVE-2017-10949)
An information disclosure vulnerability exists in the Dell Storage Manager. The vulnerability is due to an input validation error in doGet method of the EmWebsiteServlet servlet. A remote, unauthenticated attacker could exploit the vulnerability by sending crafted packets to the target system...
Trend Micro Control Manager cmdHandlerLicenseManager SQL Injection (CVE-2017-11384)
An SQL injection vulnerability exists in Trend Micro Control Manager. The vulnerability is due to improper validation of the user-supplied input for cmdHandlerLicenseManager.dll. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted request to the target server...
Nitro Pro PDF Reader JavaScript API Remote Code Execution (CVE-2017-7442)
A remote code execution vulnerability exists in the JavaScript API of Nitro and Nitro Pro PDF Reader. The vulnerability is due to the use of a trusted function that provides certain privileges that allow overwriting objects. A remote attacker can exploit this vulnerability by enticing the user to ope...
Trend Micro SafeSync for Enterprise dead_local_device Command Injection
A command injection vulnerability exists in Trend Micro's SafeSync for Enterprise. The vulnerability is due to insufficient validation of the user-supplied parameters in the dead_local_device function. A remote, authenticated attacker could exploit this vulnerability by sending a crafted request to...
Nginx ngx_http_range_filter_module Integer Overflow (CVE-2017-7529)
An integer overflow vulnerability exists in Nginx. The vulnerability is due to insufficient validation of requested byte ranges...
PHP gdImageCreateFromGifCtx Out of Bounds Read (CVE-2017-7890)
An out of bounds read vulnerability exists in PHP. The vulnerability is due to improper handling of objects in memory within the gdImageCreateFromGifCtx function of gdgifin.c. A remote attacker could exploit this vulnerability by supplying a crafted image file to an application using the affected...
HPE Intelligent Management Center Imcwlandm Stack Buffer Overflow (CVE-2017-5804; CVE-2017-5805)
An integer underflow vulnerability exists in HPE Intelligent Management Center. The vulnerability is due to improper validation of the size field when parsing data. A remote, unauthenticated attacker can exploit this vulnerability by sending a maliciously crafted packet to the target server...
Suspicious Credential Harvesting
Compromised websites injected with malicious JavaScript have been identified. Successful exploitation could result in remote code execution on the target system once the malicious page is loaded, leading to credential harvesting...
Apache Struts 2 Content-Disposition Remote Code Execution (CVE-2017-5638)
A remote code execution vulnerability exists in Apache Struts 2 when using the Jakarta multipart parser. An attacker could exploit this vulnerability by sending an invalid Content-Disposition as part of a file upload request. Successful exploitation could result in execution of arbitrary code on the...
Adobe Acrobat and Reader Security Bypass (APSB17-24: CVE-2017-3118)
A Security Bypass vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...
Adobe Acrobat and Reader Use After Free (APSB17-24: CVE-2017-11254)
A use-after-free vulnerability exists in Adobe Acrobat and Acrobat Reader. The vulnerability is due to an error while processing the addAnnot method. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted document...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11249)
A Memory Corruption vulnerability exists in Enhanced Metafile Format. The vulnerability is due to an error in the way Adobe Acrobat and Reader parses EMF files. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted EMF file...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11242)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the way Adobe Acrobat and Reader improperly processes specially crafted Enhanced Metafile EMF image format files. A remote attacker can exploit this issue by enticing a victim to open a specially...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11258)
A memory corruption vulnerability exists in Adobe Acrobat And Reader. The vulnerability is due to an error in the image conversion engine when processing Enhanced Metafile Format EMF private data. A remote attacker may exploit this vulnerability by using the out of bounds access for unintended...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11233)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how the image conversion engine processes Enhanced Metafile Format (EMF). A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file with Adobe...
Adobe Flash Player Security Bypass (APSB17-23: CVE-2017-3085)
A security bypass vulnerability exists in Adobe Flash Player. The vulnerability is due to insufficient redirection checks when performing URL redirect. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...
Adobe Acrobat and Reader Use After Free (APSB17-24: CVE-2017-3113)
A Use After Free vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-3116; CVE-2017-11237)
A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11255)
A memory corruption vulnerability exists in TIFF files. The vulnerability is due to how the image conversion engine processes TIFF files. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted TIFF file...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11243)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-3123)
A memory corruption vulnerability exists in Enhanced Metafile Format. The vulnerability is due to an insufficient bounds check while processing an EMF file. An attacker can exploit the vulnerability by using the out of bounds access for unintended reads, writes or frees potentially leading to code corruption,...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11228)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to code stream specification components. A remote attacker might exploit this issue by creating an incomplete code stream which can cause memory corruption...
Adobe Acrobat And Reader Memory Corruption (APSB17-24: CVE-2017-11259)
A memory corruption vulnerability exists in Adobe Acrobat And Reader. The vulnerability is due to an error in the image conversion engine when processing Enhanced Metafile Format EMF private data. A remote attacker may exploit this vulnerability by using the out of bounds access for unintended...
Adobe Acrobat and Reader Use After Free (APSB17-24: CVE-2017-11256)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how Adobe processes XFA layout. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file with Adobe Reader...
Adobe Acrobat and Reader Heap Overflow (APSB17-24: CVE-2017-11241)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how the image conversion engine processes Enhanced Metafile Format (EMF). A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file with Adobe...
Adobe Flash Player Type Confusion (APSB17-23: CVE-2017-3106)
A type confusion overflow vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11245)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while processing Enhanced Metafile Format EMF data. A remote attacker may exploit this vulnerability by using the out of bounds access for unintended reads, write...
Adobe Acrobat and Reader Heap Overflow (APSB17-24: CVE-2017-11211)
A Heap Overflow vulnerability exists in Adobe Reader and Acrobat. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted image file with Adobe Reader and Acrobat...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11248)
A Memory Corruption vulnerability exists in Enhanced Metafile Format. The vulnerability is due to an error in the way Adobe Acrobat and Reader parses EMF files. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted EMF file...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11222)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the way Adobe processes embedded RPC data. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11244)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while processing Enhanced Metafile Format EMF data. A remote attacker may exploit this vulnerability by using the out of bounds access for unintended reads, write...
Adobe Acrobat and Reader Heap Overflow (APSB17-24: CVE-2017-3121)
A Heap Overflow vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted EMF file...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11217)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the way Adobe Acrobat and Reader improperly processes specially crafted Enhanced Metafile EMF image format files. A remote attacker can exploit this issue by enticing a victim to open a specially...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11252)
A memory corruption vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Acrobat and Reader while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Acrobat And Reader Use After Free (APSB17-24: CVE-2017-11223)
A use after free vulnerability exists in Adobe Acrobat And Reader. The vulnerability is due to a freed memory area being reused by another object. This provides a remote attacker with an unintended memory access -- potentially leading to code corruption, control-flow hijack, or information leak...
Adobe Acrobat and Reader Type Confusion (APSB17-24: CVE-2017-11257)
A type confusion overflow vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how Adobe processes XFA layout. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Acrobat And Reader Use After Free (APSB17-24: CVE-2017-11224)
A use after free vulnerability exists in Adobe Acrobat And Reader. The vulnerability is due to a freed memory area being reused by another object. This provides a remote attacker with an unintended memory access -- potentially leading to code corruption, control-flow hijack, or information leak...
Adobe Acrobat and Reader Use After Free (APSB17-24: CVE-2017-11218)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11230)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how Adobe processes JPEG format. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file with Adobe Reader...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11270)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how the image conversion engine processes Enhanced Metafile Format EMF. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file with Adobe...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11269)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how the image conversion engine processes Enhanced Metafile Format EMF. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file with Adobe...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11265)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. A remote attacker may exploit this issue by enticing a target user to open a malicious PDF file with an affected version of Adobe Reader or Acrobat...
Adobe Acrobat and Reader Type Confusion (APSB17-24: CVE-2017-11221)
A type confusion overflow vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the way Adobe processes font locations. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11251)
A memory corruption vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Acrobat and Reader while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...