All Vulnerabilities
Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3...
Severity: 
Date Published: 15 Sep 2016
Windows session object elevation of privilege vulnerability exist in the way that Windows handles session objects. A locally authenticated attacker who successfully exploited the vulnerability could hijack the session of another user.
Microsoft Windows Information Disclosure Vulnerability (CVE-2016-3352)
Severity:
Date Published: 15 Sep 2016
An information disclosure vulnerability exists when Windows fails to properly validate NTLM Single Sign-On (SSO) requests during Microsoft Account (MSA) login sessions. To exploit the vulnerability, an attacker would have to trick a user into browsing to a malicious web site or UNC path, or convince a user to load a malicious document that initiates an NTLM SSO validation request without the consent of the user.
Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-3348)
Severity:
Date Published: 15 Sep 2016
An elevation of privilege vulnerability exist in the way that Windows kernel-mode drivers handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2016-3377)
Severity:
Date Published: 15 Sep 2016
Microsoft Scripting Engine is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2016-3375)
Severity:
Date Published: 15 Sep 2016
Microsoft Scripting Engine is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
Microsoft Office Memory Corruption Vulnerability (CVE-2016-3381)
Severity:
Date Published: 15 Sep 2016
A remote code execution vulnerability exists in Microsoft Office software that is caused when the Office software improperly handles objects in memory while parsing specially crafted Office files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Microsoft Office Memory Corruption Vulnerability (CVE-2016-3365)
Severity:
Date Published: 15 Sep 2016
A remote code execution vulnerability exists in Microsoft Office software that is caused when the Office software improperly handles objects in memory while parsing specially crafted Office files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Microsoft Office Memory Corruption Vulnerability (CVE-2016-3364)
Severity:
Date Published: 15 Sep 2016
A remote code execution vulnerability exists in Microsoft Office software that is caused when the Office software improperly handles objects in memory while parsing specially crafted Office files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Microsoft Office Memory Corruption Vulnerability (CVE-2016-3363)
Severity:
Date Published: 15 Sep 2016
A remote code execution vulnerability exists in Microsoft Office software that is caused when the Office software improperly handles objects in memory while parsing specially crafted Office files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Microsoft Office Memory Corruption Vulnerability (CVE-2016-3362)
Severity:
Date Published: 15 Sep 2016
A remote code execution vulnerability exists in Microsoft Office software that is caused when the Office software improperly handles objects in memory while parsing specially crafted Office files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Featured Stories
The Mirage of AI Programming: Hallucinations and Code IntegrityThe adoption of large language models (LLMs) and Generative Pre-trained Transformers (GPTs), such as ChatGPT, by leading firms like Microsoft, Nuance, Mix and Google CCAI Insights, drives the industry towards a series of transformative changes. As the use of these new technologies becomes prevalent, it is important to understand their key behavior, advantages, and the risks they present.Read more
Open RAN: Attack of the xAppsThis article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handlingRead more
A Closer Exploration of Residential Proxies and CAPTCHA-Breaking ServicesThis article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.Read more
How Residential Proxies and CAPTCHA-Solving Services Become Agents of AbuseThis article, the first of a two-part series, provides insights on how abusers and cybercriminals use residential proxies and CAPTCHA-solving services to enable bots, scrapers, and stuffers, and proposes security countermeasures for organizations.Read more