All Vulnerabilities

A use-after-free vulnerability was discovered in Microsoft Windows. Successful exploitation of this issue may allow attackers to execute arbitrary code.

Mozilla Firefox is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and execute arbitrary code in the context of the application.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. An attacker could leverage this to execute arbitrary code under the context of the QuickTime player.

The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.

A memory corruption vulnerability was discovered in Microsoft Windows. Successful exploitation of this issue might lead to local privilege escalation.

An uninitialized reference vulnerability has been found in PHP. A remote attacker can exploit this vulnerability by sending a crafted file to a service that processes tar files. A successful attack could result in arbitrary code execution on the vulnerable server.

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. An attacker who successfully exploited this vulnerability could use the retrieved information to circumvent Address Space Layout Randomization (ASLR) in Windows, which helps guard against a broad class of vulnerabilities.

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. An attacker who successfully exploited this vulnerability could use the retrieved information to circumvent Address Space Layout Randomization (ASLR) in Windows, which helps guard against a broad class of vulnerabilities.

A use-after-free vulnerability was discovered in Microsoft Windows. Successful exploitation of this issue may allow attackers to execute arbitrary code.

An elevation of privilege vulnerability exists in Windows when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.