All Vulnerabilities

Multiple elevation of privilege vulnerabilities exist when the Windows VHDMP kernel driver fails to properly handle user access to certain files. An attacker who successfully exploited the vulnerabilities could manipulate files in locations not intended to be available to the user.
Multiple elevation of privilege vulnerabilities exist when the Windows VHDMP kernel driver fails to properly handle user access to certain files. An attacker who successfully exploited the vulnerabilities could manipulate files in locations not intended to be available to the user.
A remote code execution vulnerability exists in ImageMagick and GraphicsMagick when software fails to parse the crafted image file properly. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Magento SQL Injection Vulnerability
 Severity:    
 Date Published:  24 Nov 2016
SQL injection vulnerability in Magento 1.9.1.0 CE and 1.14.1.0 EE allows remote attackers to execute arbitrary SQL commands.
A denial of service flaw was found in the way the SSL/TLS protocol, defined processing of ALERT packets during an SSL handshake. An attacker could use this flaw to DoS servers compiled against cryptographic libraries, which do not allocate an extra thread to process ClientHello packets.
A denial-of-service vulnerability exists in the Network Time Protocol daemon (NTPD). An attacker can exploit this vulnerability by sending a crafted NTP request to the vulnerable service. Successful exploitation can cause the NTP process to terminate with an assertion failure, leading to a denial-of-service condition.
Adobe Flash Player Use After Free Vulnerability (CVE-2016-7864)
 Severity:    
 Date Published:  16 Nov 2016
Adobe Flash Player is prone to a use after free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.
Adobe Flash Player Use After Free Vulnerability (CVE-2016-7863)
 Severity:    
 Date Published:  16 Nov 2016
Adobe Flash Player is prone to a use after free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.
Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3324)
 Severity:    
 Date Published:  16 Nov 2016
Microsoft Internet Explorer is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
Microsoft Internet Explorer and Edge are prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.

Featured Stories