All Vulnerabilities
Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0191)
Severity:
Date Published:  21 Sep 2016
Microsoft Edge is prone to an unspecified memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application.
Drupal RESTWS Module Page Callback Remote Code Execution Vulnerability
Severity:
Date Published:  21 Sep 2016
A remote code execution vulnerability exists in the RESTWS module for Drupal. A remote unauthenticated attacker could exploit this vulnerability by sending a crafted HTTP request to the target server. Successful exploitation could allow the attacker to execute arbitrary code in the context of the web server.
Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-0059)
Severity:
Date Published:  21 Sep 2016
An information disclosure vulnerability exists in Internet Explorer when the Hyperlink Object Library improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system.
Oracle Database And Enterprise Manager Grid Control Remote Code Execution Vulnera...
Severity:
Date Published:  21 Sep 2016
Oracle Database and Enterprise Manager Grid Control are prone to a remote code-execution vulnerability. Successful exploits will allow attackers to execute arbitrary code within the context of the application.
Oracle Database Server DBMS_CDC_PUBLISH Multiple Procedure SQL Injection
Severity:
Date Published:  21 Sep 2016
Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_CDC_PUBLISH.
Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability (CVE-2016-1008)
Severity:
Date Published:  21 Sep 2016
Adobe Acrobat and Reader are prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user into opening a PDF file from a network share or WebDAV location that contains a specially crafted Dynamic Link Library (DLL) file.
Oracle MySQL Remote Code Execution Vulnerability (CVE-2016-6662)
Severity:
Date Published:  15 Sep 2016
A remote code execution vulnerability has been reported in the MySQL database server. An authenticated remote user can send a specially crafted request to execute arbitrary code with root privileges on the target system.
HTTP CONNECT requests and 407 Proxy Authentication Required messages are not integrity protected and are susceptible to man-in-the-middle attacks. WebKit-based applications are additionally vulnerable to arbitrary HTML markup and JavaScript execution in the context of the originally requested domain.
Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3...
Severity:
Date Published:  15 Sep 2016
A Windows session object elevation of privilege vulnerability exists in the way that Windows handles session objects. A locally authenticated attacker who successfully exploited the vulnerability could hijack the session of another user.
Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3...
Severity:
Date Published:  15 Sep 2016
A Windows session object elevation of privilege vulnerability exists in the way that Windows handles session objects. A locally authenticated attacker who successfully exploited the vulnerability could hijack the session of another user.