All Vulnerabilities
Joomla Huge-IT Catalog Extension SQLi And XSS Vulnerability (CVE-2016-1000119)
Severity:
Date Published:  09 Nov 2016
Reflected Cross Site Scripting (XSS) and SQL Injection vulnerabilities have been found in the Huge-IT catalog extension for Joomla. Successful exploitation of these vulnerabilities could allow an attacker to compromise the target website.
IBM WebSphere Application Server Cross Site Scripting Vulnerability (CVE-2016-304...
Severity:
Date Published:  09 Nov 2016
Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Application Server (WAS) Liberty before 16.0.0.3 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving OpenID Connect clients.
HP Network Node Manager ovspmd.exe Buffer Overflow Vulnerability
Severity:
Date Published:  09 Nov 2016
HP OpenView Network Node Manager (OV NNM) ovw.dll is prone to a buffer overflow vulnerability. A successful exploitation of this vulnerability could allow remote attackers to execute arbitrary code via a long message.
Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3298)
Severity:
Date Published:  09 Nov 2016
An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system.
Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-3386)
Severity:
Date Published:  09 Nov 2016
Microsoft Edge scripting engine is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
Adobe Acrobat And Reader Information Disclosure Vulnerability (CVE-2016-1078)
Severity:
Date Published:  09 Nov 2016
Adobe Acrobat and Reader are prone to an information disclosure vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service states.
JBoss Seam Parameterized EL Expressions Remote Code Execution Vulnerability
Severity:
Date Published:  09 Nov 2016
JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: The vulnerability exists only when the Java Security Manager is not configured properly.
Microsoft Windows PDF Library Remote Code Execution Vulnerability (CVE-2016-3374)
Severity:
Date Published:  09 Nov 2016
A remote code execution vulnerability exists in Microsoft Windows PDF library. An attacker who successfully exploited this vulnerability could cause arbitrary code to execute in the context of the current user.
An elevation of privilege vulnerability exists in Windows when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in kernel mode.
Microsoft Windows PDF Library Remote Code Execution Vulnerability (CVE-2016-3370)
Severity:
Date Published:  09 Nov 2016
A remote code execution vulnerability exists in Microsoft Windows PDF library. An attacker who successfully exploited this vulnerability could cause arbitrary code to execute in the context of the current user.