All Vulnerabilities

  • IBM Domino LDAP Server Remote Execution Vulnerability (CVE-2015-0117)
     嚴重性:    
     公告日期:  2017年1月11日
    The LDAP Server in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
  • Drupal Core system.temporary Information Disclosure Vulnerability (CVE-2016-7572)
     嚴重性:    
     公告日期:  2017年1月11日
    Drupal Core is prone to a information disclosure vulnerability. The vulnerability is due to insufficient access control on the ability to download a full configuration export. A remote, authenticated user can exploit this vulnerability by sending a crafted request to the target. Successful exploitation could lead to disclosure of sensitive information.
  • NetIQ Access Information Disclosure Vulnerability (CVE-2014-5215)
     嚴重性:    
     公告日期:  2016年12月21日
    NetIQ Access Manager (NAM) allows remote authenticated administrators to discover service-account passwords via a request to roma/jsp/volsc/monitoring/dev_services.jsp or roma/jsp/debug/debug.jsp.
  • Microsoft Windows Remote Code Execution Vulnerability (CVE-2016-3368)
     嚴重性:    
     公告日期:  2016年12月21日
    A code execution vulnerability exists in Microsoft Windows. The vulnerability is due to the way objects are handled in memory. A remote attacker with domain credentials can exploit this vulnerability by sending specially crafted requests to the target server. Successful exploitation will allow an attacker to execute arbitrary code with elevated privileges.
  • Microsoft Windows Graphics Remote Code Execution Vulnerability (CVE-2016-7272)
     嚴重性:    
     公告日期:  2016年12月21日
    A remote code execution vulnerability was discovered in Microsoft Windows Graphics component. A successful exploitation of this issue could allow an attacker to execute arbitrary code on the remote system.
  • ISC BIND Multiple DNS Cookies Denial Of Service Vulnerability (CVE-2016-2088)
     嚴重性:    
     公告日期:  2016年12月21日
    A denial-of-service vulnerability has been reported in ISC BIND. The vulnerability is due to improperly processing DNS cookies. A remote attacker could exploit this vulnerabilities by sending a maliciously crafted DNS packet to a target BIND server. Successful exploitation could lead to a denial-of-service condition.
  • Drupal Coder Module Remote Code Execution Vulnerability
     嚴重性:    
     公告日期:  2016年12月21日
    Drupal Coder module prone to a remote code execution vulnerability. The vulnerability is due to improper input validation on user-supplied input. A remote, unauthenticated attacker could exploit this vulnerability by sending crafted requests to the target server. A Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code in the context of the process.
  • Adobe Flash Player Use After Free Vulnerability (CVE-2016-7892)
     嚴重性:    
     公告日期:  2016年12月21日
    Adobe Flash Player is prone to a use after free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.
  • Adobe Flash Player Use After Free Vulnerability (CVE-2016-7879)
     嚴重性:    
     公告日期:  2016年12月21日
    Adobe Flash Player is prone to a use after free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.
  • Adobe Flash Player Use After Free Vulnerability (CVE-2016-7878)
     嚴重性:    
     公告日期:  2016年12月21日
    Adobe Flash Player is prone to a use after free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.