All Vulnerabilities

  • Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-0040)
     Severity:    
     Publish Date:  16 December 2016
    < div id="listDescVul"class="pane showpane noborder" >
    Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0018, CVE-2015-0037, and CVE-2015-0066.
  • WordPress WP-EMail Plugin Cross Site Scripting Vulnerability
     Severity:    
     Publish Date:  24 November 2016
    < div id="listDescVul"class="pane showpane noborder" >
    A Cross Site Scripting vulnerability has been reported in WordPress WP-EMail Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary script code on the affected website.
  • WordPress Check Email Plugin Cross Site Scripting Vulnerability
     Severity:    
     Publish Date:  24 November 2016
    < div id="listDescVul"class="pane showpane noborder" >
    A Cross-Site Scripting vulnerability was found in the Check Email WordPress Plugin. This issue allows an attacker to perform a wide variety of actions, such as stealing Administrators' session tokens, or performing arbitrary actions on their behalf. In order to exploit this issue, the attacker has to lure/force a logged on WordPress Administrator into opening a malicious website.
  • PowerDNS Authoritative Server Packet Processing Denial Of Service Vulnerability
     Severity:    
     Publish Date:  24 November 2016
    < div id="listDescVul"class="pane showpane noborder" >
    PowerDNS is prone to a remote denial-of-service vulnerability. An attacker can leverage this issue to cause a denial-of-service condition; denying service to legitimate users.
  • OpenJPEG JPEG2000 MCC Record Code Execution Vulnerability (CVE-2016-8332)
     Severity:    
     Publish Date:  24 November 2016
    < div id="listDescVul"class="pane showpane noborder" >
    A buffer overflow in OpenJPEG causes arbitrary code execution when parsing a crafted image file. A specially crafted jpeg2000 file can cause an out of bound heap write resulting in heap corruption leading to arbitrary code execution.
  • Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7202)
     Severity:    
     Publish Date:  24 November 2016
    < div id="listDescVul"class="pane showpane noborder" >
    Microsoft Edge Scripting Engine is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
  • < div id="listDescVul"class="pane showpane noborder" >
    PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) _zb_path parameter to outlogin.php or (2) dir parameter to write.php to reference a URL on a remote web server that contains the code.
  • Ознакомиться со статьей   
  • WordPress Ultimate Membership Pro Plugin SQL Injection Vulnerability
     Severity:    
     Publish Date:  24 November 2016
    < div id="listDescVul"class="pane showpane noborder" >
    SQL injection vulnerability in WordPress ultimate membership pro plugin allows attackers to execute arbitrary SQL commands via unspecified vectors.
  • WordPress Ninja Forms Plugin SQL Injection Vulnerability
     Severity:    
     Publish Date:  24 November 2016
    < div id="listDescVul"class="pane showpane noborder" >
    SQL injection vulnerability in WordPress Ninja Forms Plugin allows attackers to execute arbitrary SQL commands via unspecified vectors.
  • WordPress Mobile Detector Plugin Arbitrary File Upload Vulnerability
     Severity:    
     Publish Date:  24 November 2016
    < div id="listDescVul"class="pane showpane noborder" >
    WordPress Mobile Detector Plugin is prone to an arbitrary file upload vulnerability because it fails to properly sanitise user-supplied input. An attacker may leverage this issue to upload arbitrary files to the affected computer. This can result in arbitrary code execution within the context of the vulnerable application.