All Vulnerabilities
Oracle Database Server DBMS_CDC_PUBLISH Multiple Procedure SQL Injection
Severity:
Date Published:  21 Sep 2016
Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_CDC_PUBLISH.
Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability (CVE-2016-1008)
Severity:
Date Published:  21 Sep 2016
Adobe Acrobat and Reader are prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user into opening a pdf file from a network share or WebDAV location that contains a specially crafted Dynamic Linked Library (DLL) file.
Oracle MySQL Remote Code Execution Vulnerability (CVE-2016-6662)
Severity:
Date Published:  15 Sep 2016
A remote code execution vulnerability has been reported in MySQL database server. An authenticated remote user can send a specially crafted request to execute arbitrary code with root privileges on the target system.
HTTP CONNECT requests and 407 Proxy Authentication Required messages are not integrity protected and are susceptible to man-in-the-middle attacks. WebKit-based applications are additionally vulnerable to arbitrary HTML markup and JavaScript execution in the context of the originally requested domain.
Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3...
Severity:
Date Published:  15 Sep 2016
Windows session object elevation of privilege vulnerability exist in the way that Windows handles session objects. A locally authenticated attacker who successfully exploited the vulnerability could hijack the session of another user.
Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3...
Severity:
Date Published:  15 Sep 2016
Windows session object elevation of privilege vulnerability exist in the way that Windows handles session objects. A locally authenticated attacker who successfully exploited the vulnerability could hijack the session of another user.
Microsoft Windows Information Disclosure Vulnerability (CVE-2016-3352)
Severity:
Date Published:  15 Sep 2016
An information disclosure vulnerability exists when Windows fails to properly validate NTLM Single Sign-On (SSO) requests during Microsoft Account (MSA) login sessions. To exploit the vulnerability, an attacker would have to trick a user into browsing to a malicious web site or UNC path, or convince a user to load a malicious document that initiates an NTLM SSO validation request without the consent of the user.
Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-3348)
Severity:
Date Published:  15 Sep 2016
An elevation of privilege vulnerability exist in the way that Windows kernel-mode drivers handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2016-3377)
Severity:
Date Published:  15 Sep 2016
Microsoft Scripting Engine is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2016-3375)
Severity:
Date Published:  15 Sep 2016
Microsoft Scripting Engine is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.