All Vulnerabilities
Adobe Acrobat And Reader Font Stream Parsing Out-Of-Bounds Read Information Discl...
Date Published:  29 Sep 2016
Adobe Flash Player allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.
Symfony Yaml::parse Function Remote Code Execution Vulnerability (CVE-2013-1348)
Date Published:  29 Sep 2016
The Yaml::parse function in Symfony 2.0.x before 2.0.22 allows remote attackers to execute arbitrary PHP code via a PHP file, a different vulnerability than CVE-2013-1397.
Microsoft Office Memory Corruption Vulnerability (CVE-2016-3357)
Date Published:  29 Sep 2016
A memory corruption vulnerability exists in Microsoft Office. An attacker who successfully exploited this vulnerability could use a specially crafted file to perform remote code execution in the security context of the current user.
Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3294)
Date Published:  29 Sep 2016
Microsoft Edge is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
HP Operations Manager Remote Unauthorized Access Vulnerability (CVE-2009-3843)
Date Published:  29 Sep 2016
HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.HTMLManagerServlet class to make requests to manager/html/upload.
Apache Tomcat Application Manager Default Ovwebusr Password Vulnerability
Date Published:  29 Sep 2016
HP Operations Manager has a default password of OvW*busr1 for the ovwebusr account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container.
Adobe Flash Player Use After Free Vulnerability (CVE-2016-4228)
Date Published:  29 Sep 2016
Adobe Flash Player is prone to a use after free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.
Adobe Acrobat And Reader Font Stream Parsing Out-Of-Bounds Read Information Discl...
Date Published:  29 Sep 2016
Adobe Flash Player allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.
Adobe Acrobat And Reader FlateDecode Parsing Out-Of-Bounds Read Information Discl...
Date Published:  29 Sep 2016
Adobe Flash Player allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.
Adobe Acrobat And Reader FlateDecode Parsing Out-Of-Bounds Read Information Discl...
Date Published:  29 Sep 2016
Adobe Flash Player allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.