All Vulnerabilities

An information disclosure vulnerability exists when Internet Explorer and Microsoft Edge improperly discloses the contents of its memory. An attacker could use the vulnerability to gain information about the system that could be combined with other attacks to compromise the system.
RedHat JBoss Enterprise Application Platform Block Access To Status Servlet
 Severity:    
 Date Published:  07 Sep 2016
A vulnerability has been reported in JBoss Enterprise Application Platform that could be exploited by remote attackers to view potentially confidential information. The vulnerability is due to an insecure design that allows unauthorized access to the status servlet. Remote, unauthenticated attackers could exploit this vulnerability through unspecified attack vector(s).
Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1001)
 Severity:    
 Date Published:  07 Sep 2016
Adobe Flash Player is prone to a heap overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.
A remote code execution vulnerability exists in Internet Explorer scripting engine when it improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Oracle Database Server LT.ROLLBACKWORKSPACE SQL Injection
 Severity:    
 Date Published:  07 Sep 2016
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
McAfee ePolicy Orchestrator Multiple XXE Vulnerabilities
 Severity:    
 Date Published:  07 Sep 2016
XML external entity (XXE) vulnerability in McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 allows remote authenticated users to read arbitrary files via the conditionXML parameter to the taskLogTable to orionUpdateTableFilter.do. It also uses the same secret key across different customers' installations, which allows attackers to obtain the administrator password by leveraging knowledge of the encrypted password.
The XSLT component in Apache Camel before 2.11.4 and 2.12.x before 2.12.3 allows remote attackers to read arbitrary files and possibly have other unspecified impact via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Microsoft Windows OLE Remote Code Execution Vulnerability (CVE-2016-0153)
 Severity:    
 Date Published:  07 Sep 2016
A remote code execution vulnerability exists in Microsoft Windows OLE when Microsoft Word improperly handles specially crafted word document. An attacker who successfully exploited this vulnerability could cause arbitrary code to execute in the context of the current user.
Adobe Flash Player Use After Free Vulnerability (CVE-2016-4230)
 Severity:    
 Date Published:  07 Sep 2016
Adobe Flash Player is prone to a use after free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.
Adobe Flash Player Use After Free Vulnerability (CVE-2016-4229)
 Severity:    
 Date Published:  07 Sep 2016
Adobe Flash Player is prone to a use after free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.