All Vulnerabilities

An information disclosure vulnerability was discovered within Internet explorer when handling a specially crafted EMF file. A successful exploitation of this issue would allow an attacker to disclose information on the remote filesystem through a malicious web page.
Microsoft Office Memory Corruption Vulnerability (CVE-2016-0010)
 Severity:    
 Date Published:  05 Oct 2016
A memory corruption vulnerability exists in Microsoft Office. An attacker who successfully exploited this vulnerability could use a specially crafted file to perform remote code execution in the security context of the current user.
Java Unserialize Remote Code Execution Vulnerability
 Severity:    
 Date Published:  05 Oct 2016
There is an unknown Java unserialization vulnerability in third-party Java libraries that could be used to remotely exploit Java based web applications. Serialization is a process in which an object is converted to a stream of bytes in order to store or transmit that object to memory or a file. The process in which serialized data is extracted is called unserialization and it can lead to major security issues if not handled properly.
Microsoft Internet Explorer and Edge are prone to an unspecified memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application.
Microsoft Windows PDF Information Disclosure Vulnerability (CVE-2016-3215)
 Severity:    
 Date Published:  05 Oct 2016
Microsoft Windows PDF is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks.
Microsoft Office Information Disclosure Vulnerability (CVE-2016-3234)
 Severity:    
 Date Published:  05 Oct 2016
An out of bound memory access vulnerability was discovered within Microsoft Office. Successful exploitation of this vulnerability could allow an attacker to leak sensitive information that could be used to bypass memory protections such as ASLR and leverage the attack to execute arbitrary code on the remote system.
Novell File Reporter NFRAgent.exe Absolute Path Traversal Vulnerability
 Severity:    
 Date Published:  05 Oct 2016
Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record.
Cross-site scripting (XSS) vulnerability in Microsoft Active Directory Federation Services allows remote attackers to inject arbitrary web script or HTML via a crafted request.
IIS MX_STATS_LogLine NSIISlog.DLL Buffer Overflow
 Severity:    
 Date Published:  05 Oct 2016
Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll.
Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4251)
 Severity:    
 Date Published:  05 Oct 2016
Adobe Acrobat and Reader are prone to an unspecified memory corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service states.