All Vulnerabilities

Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-0040)
 Severity:    
 Date Published:  16 Dec 2016
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0018, CVE-2015-0037, and CVE-2015-0066.
WordPress WP-EMail Plugin Cross Site Scripting Vulnerability
 Severity:    
 Date Published:  24 Nov 2016
A Cross Site Scripting vulnerability has been reported in WordPress WP-EMail Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary script code on the affected website.
WordPress Check Email Plugin Cross Site Scripting Vulnerability
 Severity:    
 Date Published:  24 Nov 2016
A Cross-Site Scripting vulnerability was found in the Check Email WordPress Plugin. This issue allows an attacker to perform a wide variety of actions, such as stealing Administrators' session tokens, or performing arbitrary actions on their behalf. In order to exploit this issue, the attacker has to lure/force a logged on WordPress Administrator into opening a malicious website.
PowerDNS is prone to a remote denial-of-service vulnerability. An attacker can leverage this issue to cause a denial-of-service condition; denying service to legitimate users.
OpenJPEG JPEG2000 MCC Record Code Execution Vulnerability (CVE-2016-8332)
 Severity:    
 Date Published:  24 Nov 2016
A buffer overflow in OpenJPEG causes arbitrary code execution when parsing a crafted image file. A specially crafted jpeg2000 file can cause an out of bound heap write resulting in heap corruption leading to arbitrary code execution.
Microsoft Edge Scripting Engine is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) _zb_path parameter to outlogin.php or (2) dir parameter to write.php to reference a URL on a remote web server that contains the code.
WordPress Ultimate Membership Pro Plugin SQL Injection Vulnerability
 Severity:    
 Date Published:  24 Nov 2016
SQL injection vulnerability in WordPress ultimate membership pro plugin allows attackers to execute arbitrary SQL commands via unspecified vectors.
WordPress Ninja Forms Plugin SQL Injection Vulnerability
 Severity:    
 Date Published:  24 Nov 2016
SQL injection vulnerability in WordPress Ninja Forms Plugin allows attackers to execute arbitrary SQL commands via unspecified vectors.
WordPress Mobile Detector Plugin Arbitrary File Upload Vulnerability
 Severity:    
 Date Published:  24 Nov 2016
WordPress Mobile Detector Plugin is prone to an arbitrary file upload vulnerability because it fails to properly sanitise user-supplied input. An attacker may leverage this issue to upload arbitrary files to the affected computer. This can result in arbitrary code execution within the context of the vulnerable application.