All Vulnerabilities

Microsoft Windows PDF Information Disclosure Vulnerability (CVE-2016-3215)
 Severity:    
 Date Published:  05 Oct 2016
Microsoft Windows PDF is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks.
Microsoft Office Information Disclosure Vulnerability (CVE-2016-3234)
 Severity:    
 Date Published:  05 Oct 2016
An out-of-bounds memory access vulnerability was discovered within Microsoft Office. Successful exploitation of this vulnerability could allow an attacker to leak sensitive information that could be used to bypass memory protections such as ASLR and leverage the attack to execute arbitrary code on the remote system.
Novell File Reporter NFRAgent.exe Absolute Path Traversal Vulnerability
 Severity:    
 Date Published:  05 Oct 2016
Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record.
Cross-site scripting (XSS) vulnerability in Microsoft Active Directory Federation Services allows remote attackers to inject arbitrary web script or HTML via a crafted request.
IIS MX_STATS_LogLine NSIISlog.DLL Buffer Overflow
 Severity:    
 Date Published:  05 Oct 2016
Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll.
Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4251)
 Severity:    
 Date Published:  05 Oct 2016
Adobe Acrobat and Reader are prone to an unspecified memory corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service states.
Adobe Flash Player Heap Overflow Vulnerability (CVE-2015-8446)
 Severity:    
 Date Published:  05 Oct 2016
A heap overflow vulnerability exists in Adobe Flash Player. A remote attacker can exploit this vulnerability by enticing a target user to open a crafted file. A successful attack could result in arbitrary code execution in the security context of the target user. Failed exploit attempts will likely result in denial of service states.
Apache Struts OGNL Expression Injection Vulnerability
 Severity:    
 Date Published:  05 Oct 2016
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix for CVE-2013-1966.
A remote code execution vulnerability exists in Microsoft Windows Graphics Component when it improperly handles specially crafted EMF files. An attacker who successfully exploited this vulnerability could cause arbitrary code to execute in the context of the current user.
Microsoft XML Core Services, as used in Microsoft Expression Web, Office, Internet Explorer 6 and 7, and other products, does not properly restrict access from web pages to Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls.
