All Vulnerabilities

Microsoft Edge Scripting Engine is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion.
Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-6941)
 Severity:    
 Date Published:  16 Dec 2016
Adobe Acrobat and Reader are prone to an unspecified memory corruption vulnerability. Attackers can exploit the vulnerability to do code corruption, control-flow hijack, or information leak attack.
A type confusion vulnerability was discovered in Microsoft Internet Explorer and Microsoft Edge. A successful exploitation of this issue could allow an attacker to execute arbitrary code on the remote system.
Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0063)
 Severity:    
 Date Published:  16 Dec 2016
Microsoft Internet Explorer is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
Joomla Core Security Bypass Vulnerability (CVE-2016-8870)
 Severity:    
 Date Published:  16 Dec 2016
Joomla Core is prone to multiple security-bypass vulnerabilities. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions, this may aid in launching further attacks.
Internet Explorer Memory Corruption Vulnerability (CVE-2013-3120)
 Severity:    
 Date Published:  16 Dec 2016
Microsoft Internet Explorer is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.
Microsoft Edge Memory Corruption Vulnerability (CVE-2015-6168)
 Severity:    
 Date Published:  16 Dec 2016
Microsoft Edge is prone to an unspecified memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application.
Microsoft Internet Explorer and Edge are prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.

Featured Stories