All Vulnerabilities

Adobe Flash Player allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.

Adobe Flash Player allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.

Adobe Flash Player allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.

Adobe Flash Player allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.

A Cross Site Scripting vulnerability has been found in the Events Made Easy WordPress plugin. By using this issue an attacker can create a specially crafted event which, when posted to WordPress, injects malicious JavaScript code into the application. This code will execute within the browser of any user who views the relevant application content.

Directory traversal vulnerability in the Web Administration tool in IBM Tivoli Directory Server (ITDS) before 6.1.0.74-ISS-ISDS-IF0074, 6.2.x before 6.2.0.50-ISS-ISDS-IF0050, and 6.3.x before 6.3.0.43-ISS-ISDS-IF0043 and IBM Security Directory Server (ISDS) before 6.3.1.18-ISS-ISDS-IF0018 and 6.4.x before 6.4.0.9-ISS-ISDS-IF0009 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL.

An elevation of privilege vulnerability exist when the Windows Kernel API improperly allows a user to access sensitive registry information. An attacker who successfully exploited the vulnerability could gain access to user account information not intended for the user.

The Security component in Symfony 2.0.x before 2.0.25, 2.1.x before 2.1.13, 2.2.x before 2.2.9, and 2.3.x before 2.3.6 allows remote attackers to cause a denial of service (CPU consumption) via a long password that triggers an expensive hash computation.

The attemptAuthentication function in Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php in Symfony before 2.3.41, 2.7.x before 2.7.13, 2.8.x before 2.8.6, and 3.0.x before 3.0.6 does not limit the length of a username stored in a session, which allows remote attackers to cause a denial of service (session storage consumption) via a series of authentication attempts with long, non-existent usernames.

Adobe Flash Player is prone to a use after free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.