All Vulnerabilities

Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-7211)
 Severity:    
 Date Published:  20 Oct 2016
A use-after-free vulnerability was discovered in Microsoft Windows. Successful exploitation of this issue may allow attackers to execute arbitrary code.
Mozilla Firefox is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and execute arbitrary code in the context of the application.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. An attacker could leverage this to execute arbitrary code under the context of the QuickTime player.
The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.
Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-3341)
 Severity:    
 Date Published:  20 Oct 2016
A memory corruption vulnerability was discovered in Microsoft Windows. Successful exploitation of this issue might lead to local privilege escalation.
PHP TAR File Parsing Uninitialized Reference Vulnerability (CVE-2016-4343)
 Severity:    
 Date Published:  12 Oct 2016
An uninitialized reference vulnerability has been found in PHP. A remote attacker can exploit this vulnerability by sending a crafted file to a service that processes tar files. A successful attack could result in arbitrary code execution on the vulnerable server.
Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3262)
 Severity:    
 Date Published:  12 Oct 2016
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. An attacker who successfully exploited this vulnerability could use the retrieved information to circumvent Address Space Layout Randomization (ASLR) in Windows, which helps guard against a broad class of vulnerabilities.
Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3209)
 Severity:    
 Date Published:  12 Oct 2016
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. An attacker who successfully exploited this vulnerability could use the retrieved information to circumvent Address Space Layout Randomization (ASLR) in Windows, which helps guard against a broad class of vulnerabilities.
Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-7191)
 Severity:    
 Date Published:  12 Oct 2016
A use-after-free vulnerability was discovered in Microsoft Windows. Successful exploitation of this issue may allow attackers to execute arbitrary code.
Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-3270)
 Severity:    
 Date Published:  12 Oct 2016
An elevation of privilege vulnerability exists in Windows when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.