All Vulnerabilities

Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-3266)
 Severity:    
 Date Published:  12 Oct 2016
A local privilege escalation vulnerability was discovered within the Win32k-GDI component of Microsoft Windows. It can be triggered locally by manipulating the graphics properties of a window. Successful exploitation of this issue might lead to a malicious user elevating his user privileges in a vulnerable system.
Microsoft Office Memory Corruption Vulnerability (CVE-2016-7193)
 Severity:    
 Date Published:  12 Oct 2016
An Office RTF remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle RTF files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3383)
 Severity:    
 Date Published:  12 Oct 2016
Microsoft Internet Explorer is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
Microsoft Internet Explorer and Edge are prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
Joomla Cross Site Scripting Vulnerability (CVE-2013-3059)
 Severity:    
 Date Published:  12 Oct 2016
Cross-site scripting (XSS) vulnerability in the Voting plugin in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Joomla Cross Site Scripting Vulnerability (CVE-2013-3058)
 Severity:    
 Date Published:  12 Oct 2016
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
HP SiteScope DNS Tool Command Injection Vulnerability
 Severity:    
 Date Published:  12 Oct 2016
A command injection vulnerability exists in the DNS Tool of HP SiteScope allowing an attacker to execute arbitrary commands in the context of the service.
Open redirect vulnerability in the AbstractAuthenticationFormServlet in the Auth Core (org.apache.sling.auth.core) bundle before 1.1.4 in Apache Sling allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the resource parameter, related to "a custom login form and XSS."
WordPress W3 Total Cache Plugin Cross Site Scripting Vulnerability
 Severity:    
 Date Published:  12 Oct 2016
A cross-site scripting (XSS) vulnerability exists in W3 Total Cache plugin, used in WordPress and other products, allow remote attackers to execute same-origin JavaScript functions via crafted parameter.
WordPress Piwik Plugin Persistent Cross Site Scripting Vulnerability
 Severity:    
 Date Published:  12 Oct 2016
A cross-site scripting (XSS) vulnerability exists in Piwik plugin, used in WordPress and other products, allow remote attackers to execute same-origin JavaScript functions via crafted parameter.