16763 matches found
Microsoft Office Excel Chart Object Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to read freed memory on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing of...
IBM Tivoli Storage Manager FastBack Server Opcode 1329 Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1329. By sending a crafted packet...
Adobe Acrobat Reader ScriptBridgeUtils Javascript API Restrictions Bypass Vulnerability
This vulnerability allows remote attackers to bypass API restrictions on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ScriptBridgeUtils...
Novell Zenworks Rtrlet doPost Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Zenworks. By default, authentication is not required to exploit this vulnerability. The specific flaw exists within the doPost method of the Rtrlet class. The issue lies in the failure to...
Apple OS X IOKit IOHIDSecurePromptClient Heap Buffer Overflow Privilege Escalation Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within IOKit IOHIDSecurePromptClien...
SolarWinds Server and Application Monitor TSUnicodeGraphEditorControl graphManager.load Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Server and Application Monitor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...
Rockwell Automation Connected Components Workbench RA.ViewElements.Grid.1 Arbitrary Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Rockwell Automation Connected Components Workbench. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
Microsoft Internet Explorer CSS Quotes Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...
Hewlett-Packard Network Node Manager ovopi.dll Option -D Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within ovopi.dll which listens by default on a UDP port 696. When parsin...
Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Adobe Reader replace() Heap Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the replace...
Juniper Network and Security Manager XDB Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Juniper Network and Security Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the XDB service. The issue lies in the ability to connect to the...
Microsoft Internet Explorer CElement::GetClassCacheArray Improper Indexing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Hewlett-Packard Intelligent Management Center IctDownloadServlet Information Disclosure Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IctDownloadServlet servlet. This servlet contains a...
Hewlett-Packard Intelligent Management Center FaultDownloadServlet Information Disclosure Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FaultDownloadServlet servlet. This servlet contains ...
Microsoft Internet Explorer Js::PathTypeHandlerBase Improper Indexing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Internet Explorer CTreeNode Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
(Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
(Pwn2Own) Adobe Flash Display Object Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Advantech WebAccess bwocxrun.ocx OpenUrlToBuffer Information Disclosure Vulnerability
This vulnerability allows remote attackers to access arbitrary files on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Symantec Workspace Streaming Agent XMLRPC Request putFile Method Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Workspace Streaming. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SWS Agent asagent.exe component. By sending a crafted XMLRPC request ...
(Pwn2Own\Pwn4Fun) Apple OS X Graphics Driver Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Intel graphics...
SolarWinds Server and Application Monitor PEstrarg1 ActiveX Heap Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Server and Application Monitor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...
(Pwn2Own) Mozilla Firefox TypeObject Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
(Pwn2Own) Mozilla Firefox Pop-Up Blocker Bypass Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the pop-up...
Microsoft Internet Explorer HtmlLayout Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Internet Explorer CDomRange Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
WellinTech KingScada KingGraphic kxClientDownload ActiveX Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WellinTech KingScada KingGraphics. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
(Mobile Pwn2Own) Samsung Apps/WatchON WebView JavaScript Bridge Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Apps and Samsung WatchOn. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
(Mobile Pwn2Own) Apple iOS Safari DocumentOrderedMap Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
HP Virtual User Generator EmulationAdmin Service getReport Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Virtual User Generator. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of requests to the EmulationAdmin web service. This service exposes...
HP SiteScope issueSiebelCmd SOAP Request Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists within the issueSiebelCmd web method. A remote attacker can abuse this web method in order to...
Hewlett-Packard Intelligent Management Center APM monitorId SQL Injection Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the APM module's AppDataDaoImpl class. The monitorId parameter does n...
HP PCM+ SNAC Registration Server UpdateDomainControllerServlet Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP PCM Plus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UpdateDomainControllerServlet. This servlet improperly sanitizes the 'adCert' argument...
Microsoft Internet Explorer CWindow Destructor Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Hewlett-Packard Network Node Manager I pmd.exe Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager i. Authentication is not required to exploit this vulnerability. The specific flaw exists within pmd.exe, which listens by default on TCP port 162. By sending a specially...
Microsoft Internet Explorer selectAll/RemoveFormat execCommand Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Internet Explorer runtimeStyle Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 234 Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcode 234, the...
Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 305 Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcode 305, the...
Hewlett-Packard Data Protector Cell Manager crs.exe Multiple Opcodes Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcodes...
Apple QuickTime enof Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of a...
Apple QuickTime dref Volume Name Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of a...
Webkit.org Webkit string.replace Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Webkit implements...
Novell ZENworks Mobile Management DUSAP.php Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks Mobile Management . Authentication is not required to exploit this vulnerability. The specific flaw exists within DUSAP.php, which receives a 'language' variable which later is used...
Mozilla Firefox ListenerManager Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing o...
Microsoft .NET Framework EncoderParameters.ConvertToMemory Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft .NET Framework. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Oracle Java WebStart Changing System Properties Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists because it is possible to...
Microsoft Internet Explorer OnRowsInserted Event Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...