All Vulnerabilities

IBM WebSphere Application Server is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
SAP NetWeaver JAVA AS UDDI Component XXE Vulnerability (CVE-2016-4014)
 Severity:    
 Date Published:  15 Sep 2016
XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service via a crafted XML request.
Apache Jetspeed Cross-Site Scripting (XSS) Vulnerability (CVE-2016-0712)
 Severity:    
 Date Published:  15 Sep 2016
Cross-site scripting (XSS) vulnerability in Apache Jetspeed before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to portal.
Adobe Reader DC Memory Corruption Vulnerability (CVE-2016-1077)
 Severity:    
 Date Published:  15 Sep 2016
Adobe Acrobat and Reader is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.
Adobe Acrobat and Reader are prone to an information disclosure vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service states.
Adobe Acrobat and Reader are prone to an information disclosure vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service states.
Adobe Flash Player Use After Free Vulnerability (CVE-2016-4231)
 Severity:    
 Date Published:  15 Sep 2016
Adobe Flash Player is prone to a use after free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.
Adobe Flash Player Sensitive Data Exposure Vulnerability (CVE-2016-4232)
 Severity:    
 Date Published:  15 Sep 2016
Adobe Flash Player is prone to an unspecified sensitive data exposure vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service states.
WordPress Fastest Cache Plugin Local File Inclusion Vulnerability
 Severity:    
 Date Published:  15 Sep 2016
Fastest Cache WordPress plugin is vulnerable to Local File Inclusion vulnerability.An attacker can exploit this issue to run arbitrary PHP code on the target system.
WordPress Email Users Plugin Cross Site Scripting Vulnerability
 Severity:    
 Date Published:  15 Sep 2016
A Cross-Site Scripting vulnerability was found in the Email Users WordPress Plugin. This vulnerability allows an attacker to perform a actions such as stealing Administrators' session tokens. An attacker has to lure the user into opening a malicious website to exploit this vulnerability.