All Vulnerabilities

A remote code execution vulnerability exits in Apache Struts such that upon successful exploitation a malicious expression can be used to execute arbitrary code on server side when Dynamic Method Invocation is enabled.
glibc getaddrinfo Stack Based Buffer Overflow Vulnerability (CVE-2015-7547)
 Severity:    
 Date Published:  16 Dec 2016
Stack Based Buffer Overflow in glibc getaddrinfo allows attackers to execute arbitrary code via unspecified vectors.
Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-0040)
 Severity:    
 Date Published:  16 Dec 2016
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0018, CVE-2015-0037, and CVE-2015-0066.
WordPress WP-EMail Plugin Cross Site Scripting Vulnerability
 Severity:    
 Date Published:  24 Nov 2016
A Cross Site Scripting vulnerability has been reported in WordPress WP-EMail Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary script code on the affected website.
WordPress Check Email Plugin Cross Site Scripting Vulnerability
 Severity:    
 Date Published:  24 Nov 2016
A Cross-Site Scripting vulnerability was found in the Check Email WordPress Plugin. This issue allows an attacker to perform a wide variety of actions, such as stealing Administrators' session tokens, or performing arbitrary actions on their behalf. In order to exploit this issue, the attacker has to lure/force a logged on WordPress Administrator into opening a malicious website.
PowerDNS is prone to a remote denial-of-service vulnerability. An attacker can leverage this issue to cause a denial-of-service condition; denying service to legitimate users.
OpenJPEG JPEG2000 MCC Record Code Execution Vulnerability (CVE-2016-8332)
 Severity:    
 Date Published:  24 Nov 2016
A buffer overflow in OpenJPEG causes arbitrary code execution when parsing a crafted image file. A specially crafted jpeg2000 file can cause an out of bound heap write resulting in heap corruption leading to arbitrary code execution.
Microsoft Edge Scripting Engine is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) _zb_path parameter to outlogin.php or (2) dir parameter to write.php to reference a URL on a remote web server that contains the code.
WordPress Ultimate Membership Pro Plugin SQL Injection Vulnerability
 Severity:    
 Date Published:  24 Nov 2016
SQL injection vulnerability in WordPress ultimate membership pro plugin allows attackers to execute arbitrary SQL commands via unspecified vectors.

Featured Stories