All Vulnerabilities

RealNetworks Helix Server and Helix Mobile Server are prone to a remote heap buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the application or cause a denial-of-service condition.
A local privilege escalation vulnerability was discovered in Microsoft Windows. It allows normal users to gain administrator privileges.
ElasticSearch Snapshot API Directory Traversal Vulnerability (CVE-2015-5531)
 Date Published:  05 Oct 2016
Directory traversal vulnerability in Elasticsearch before 1.6.1 allows remote attackers to read arbitrary files via unspecified vectors related to snapshot API calls.
Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote attackers to decrypt and modify encrypted View State (aka __VIEWSTATE) form data, and possibly forge cookies or read application files, via a padding oracle attack, aka "ASP.NET Padding Oracle Vulnerability."
Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1101)
 Date Published:  05 Oct 2016
Adobe Flash Player is prone to a heap overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.
An information disclosure vulnerability was discovered in Internet Explorer when handling a specially crafted EMF file. Successful exploitation of this issue would allow an attacker to disclose information on the remote filesystem through a malicious web page.
Microsoft Office Memory Corruption Vulnerability (CVE-2016-0010)
 Date Published:  05 Oct 2016
A memory corruption vulnerability exists in Microsoft Office. An attacker who successfully exploited this vulnerability could use a specially crafted file to perform remote code execution in the security context of the current user.
Java Unserialize Remote Code Execution Vulnerability
 Date Published:  05 Oct 2016
There is an unknown Java unserialization vulnerability in third-party Java libraries that could be used to remotely exploit Java-based web applications. Serialization is a process in which an object is converted to a stream of bytes in order to store or transmit that object to memory or a file. The process in which serialized data is extracted is called unserialization, and it can lead to major security issues if not handled properly.
Microsoft Internet Explorer and Edge are prone to an unspecified memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application.
Microsoft Windows PDF Information Disclosure Vulnerability (CVE-2016-3215)
 Date Published:  05 Oct 2016
Microsoft Windows PDF is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks.