All Vulnerabilities

  • phpMyAdmin SQL Injection Vulnerability (CVE-2016-6611)
     Severity:    
     Publish Date:  11 January 2017
    < div id="listDescVul"class="pane showpane noborder" >
    phpMyAdmin is prone to a sql-injection vulnerability. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. phpMyAdmin 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8 and 4.0.x versions prior to 4.0.10.17 are vulnerable.
  • phpMyAdmin Directory Traversal Vulnerability (CVE-2016-6614)
     Severity:    
     Publish Date:  11 January 2017
    < div id="listDescVul"class="pane showpane noborder" >
    phpMyAdmin is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Remote attackers may use a specially crafted request with directory-traversal sequences ('../') to retrieve sensitive information. This may aid in further attacks. phpMyAdmin 4.6.x prior to 4.6.4, 4.4.x prior to 4.4.15.8 and 4.0.x prior to 4.0.10.17 are vulnerable.
  • Moodle Cross Site Scripting Vulnerability (CVE-2016-9188)
     Severity:    
     Publish Date:  11 January 2017
    < div id="listDescVul"class="pane showpane noborder" >
    Moodle is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Moodle 3.1.2 and prior versions are vulnerable.
  • Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7200)
     Severity:    
     Publish Date:  11 January 2017
    < div id="listDescVul"class="pane showpane noborder" >
    Microsoft Edge Scripting Engine is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
  • Microsoft Office Information Disclosure Vulnerability (CVE-2016-7264)
     Severity:    
     Publish Date:  11 January 2017
    < div id="listDescVul"class="pane showpane noborder" >
    An information disclosure vulnerability exists in Microsoft Office when Microsoft Office fails to properly handle office files. An attacker who successfully exploited this vulnerability could use a specially crafted file to perform code execution in the context of the current user.
  • PHPMailer Remote Code Execution Vulnerabilities
     Severity:    
     Publish Date:  11 January 2017
    < div id="listDescVul"class="pane showpane noborder" >
    PHPMailer prone to a remote code execution vulnerability. A remote, unauthenticated attacker could exploit this vulnerability by sending crafted requests to the target server. A Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code in the context of the web server user and remotely compromise the target web application.
  • Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-1785)
     Severity:    
     Publish Date:  11 January 2017
    < div id="listDescVul"class="pane showpane noborder" >
    Microsoft Internet Explorer is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
  • Ознакомиться со статьей   
  • SwiftMailer Remote Code Execution Vulnerability (CVE-2016-10074)
     Severity:    
     Publish Date:  11 January 2017
    < div id="listDescVul"class="pane showpane noborder" >
    SwiftMailer is prone to a remote code execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.
  • PHP Use After Free Remote Code Execution Vulnerability (CVE-2016-7479)
     Severity:    
     Publish Date:  11 January 2017
    < div id="listDescVul"class="pane showpane noborder" >
    PHP is prone to a use after free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.
  • PHP Remote Denial Of Service Vulnerability (CVE-2016-7478)
     Severity:    
     Publish Date:  11 January 2017
    < div id="listDescVul"class="pane showpane noborder" >
    PHP is prone to a vulnerability which allows a remote attacker to unserialize a pathological exception object. Attackers can exploit this issue to cause a denial of service condition.