All Vulnerabilities
Microsoft XML Core Services XMLHttpRequest 'SetCookie2' Header Information Disclo...
Severity:
Date Published:  29 Sep 2016
Microsoft XML Core Services, as used in Microsoft Expression Web, Office, Internet Explorer 6 and 7, and other products, does not properly restrict access from web pages to Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls.
Adobe Flash Player Use After Free Vulnerability (CVE-2016-1109)
Severity:
Date Published:  29 Sep 2016
Adobe Flash Player is prone to a use after free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.
Adobe Flash Player Use After Free Vulnerability (CVE-2016-1106)
Severity:
Date Published:  29 Sep 2016
Adobe Flash Player is prone to a use after free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.
Adobe Flash Player Use After Free Vulnerability (CVE-2016-1097)
Severity:
Date Published:  29 Sep 2016
Adobe Flash Player is prone to a use after free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial of service condition.
Adobe Flash Player Type Confusion Vulnerability (CVE-2016-1105)
Severity:
Date Published:  29 Sep 2016
Adobe Flash Player is prone to a type confusion vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service states.
Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1102)
Severity:
Date Published:  29 Sep 2016
Adobe Flash Player is prone to an unspecified memory corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service states.
Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1100)
Severity:
Date Published:  29 Sep 2016
Adobe Flash Player is prone to an unspecified memory corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service states.
Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1099)
Severity:
Date Published:  29 Sep 2016
Adobe Flash Player is prone to an unspecified memory corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service states.
Adobe Flash Player Buffer Overflow Vulnerability (CVE-2016-1103)
Severity:
Date Published:  29 Sep 2016
Adobe Flash Player is prone to a buffer overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service states.
Adobe Acrobat And Reader Font Stream Parsing Out-Of-Bounds Read Information Discl...
Severity:
Date Published:  29 Sep 2016
Adobe Flash Player allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors.
Featured Stories
- Open RAN: Attack of the xAppsThis article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handlingRead more
- A Closer Exploration of Residential Proxies and CAPTCHA-Breaking ServicesThis article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.Read more
- How Residential Proxies and CAPTCHA-Solving Services Become Agents of AbuseThis article, the first of a two-part series, provides insights on how abusers and cybercriminals use residential proxies and CAPTCHA-solving services to enable bots, scrapers, and stuffers, and proposes security countermeasures for organizations.Read more
- Abusing Argo CD, Helm, and Artifact Hub: An Analysis of Supply Chain Attacks in Cloud-Native ApplicationsWe provide an overview of cloud-native tools and examine how cybercriminals can exploit their vulnerabilities to launch supply chain attacks.Read more