Multiple DLL side loading vulnerabilities were found in various COM components. These issues can be exploited by loading various these components as an embedded OLE object. When instantiating a vulnerable object Windows will try to load one or more DLLs from the current working directory. If an attacker convinces the victim to open a specially crafted (Office) document from a directory also containing the attacker's DLL file, it is possible to execute arbitrary code with the privileges of the target user. This can potentially result in the attacker taking complete control of the affected system.
54a85ca989c4eaff178f934a3bf1f889b5563dba98e78c59197f8309e65b7406
MyBB version 1.8.6 suffers from multiple cross site scripting vulnerabilities.
09a5d3981d355ec0a29e90ee57d1093fb1ebc1eb4d6c9e3e9940a391386d94b3
A specially crafted HTTP response can cause the CHttpHeaderParser::ParseStatusLine method in WININET to read data beyond the end of a buffer. The size of the read can be controlled through the HTTP response. An attacker that is able to get any application that uses WININET to make a request to a server under his/her control may be able to disclose information stored after this memory block. This includes Microsoft Internet Explorer.
94c41624ff0f1959d2d6ec3ad4d68a44468068d2211d86e587904cea67366cf4
4images versions 1.7.13 and below suffer from a remote SQL injection vulnerability.
74de1ddc3bddc388cd27bca15944047be987925a71644ccbc0bf1a487955531b
Exponent CMS version 2.4.0 suffers from a remote blind SQL injection vulnerability.
efb6f348b4c97ed885446cc19619c0d5dcfbb991b1688207a51826ebad74cb58
Microsoft Internet Explorer versions 9, 10, and 11 suffer from an MSHTML PROPERTYDESC::HandleStyleComponentProperty out-of-bounds read.
69867369c8cff2f756daea66abcef97b67f77b7116041fb4cfb63a932b7b4769
Nero version 7.10.1.0 suffers from an unquoted service path privilege escalation vulnerability.
bad453dd996e32dcdd658e911ef7091ccb817266a006aad8aa09bc2e7fc877b3
e107 CMS version 2.1.2 suffers from a privilege escalation vulnerability.
73baba47c53c160ce7de24af40be1871e0c32ae23b42c9e50a5f1ec9f610bac5
A specially crafted script can cause the VBScript engine to read data beyond a memory block for use as a regular expression. An attacker that is able to run such a script in any application that embeds the VBScript engine may be able to disclose information stored after this memory block. This includes all versions of Microsoft Internet Explorer.
de2a5025554f64ba3382cd282b48b1d88c6ba27472d9213565816e814c3c7bdb
PCMan FTP server version 2.0.7 LIST command buffer overflow exploit.
ee8c05f9d31c111b08f65c859a19a515350d52b94b05b48a00dae728d3c59400
Droid4XService (Droid4XService.exe) installs as a service with an unquoted service path running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system.
0a067f88b1ac621e2bddaaff892ce2e233e835a6b70cfc46bd1bb9a8eac8c45a
Verint Impact 360 version 11.1 suffers from an open redirection vulnerability.
90b86698e84b565bf822062eee3cb8a8a648d26b748b7e8d05a0febd3793bd37
Samsung Software Update Service, SWUpdateService (SWMAgent.exe), installs as a service with an unquoted service path running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system.
fa631c32f50f71cbeace4cb98fbe8c2fe5df271cc347f3d1d9bc08165cc55e61
Adobe Connect and Desktop version 9.5.7 suffers from malicious script insertion vulnerabilities.
5d4defe17959d7dd2a5ced15d3b2e58a4576fed73b0d6f23e36ec599cada1d18
Avira Antivirus versions 15.0.21.86 and below suffer from a command execution vulnerability.
78a59e0dd369a5bd39deaf1ea862d4e542548155f19cd30868dfaf06d9060e7d
PCMan FTP server version 2.0.7 HELP command buffer overflow exploit.
1e931abe04a9035467fbd7383b1872edad0a0e560491380e1dd821c7353c4038
D-Link ADSL router DSL-2750E with firmware version SEA_1.07 suffers from a file disclosure vulnerability.
5b3e48e6c154c065a6f5f66894e16cc4b75f24024861e7e8a923afaa15523de3
NETGEAR ADSL router JNR2010 with firmware version 1.0.0.20 suffers from a file disclosure vulnerability.
89351c58412f573eab1041e77b42d338f8587baa062a618e9c0694a4fe1e544f
WordPress 404 to 301 plugin version 2.2.8 suffers from a persistent cross site scripting vulnerability.
caf5fe4e82197491c2d860c9c6183c6cfbe9f3b073eb49cb2472f0de886a1e21
NETGEAR ADSL router JNR1010 with firmware version 1.0.0.32 suffers from a file disclosure vulnerability.
2ab7d96798cb9335ad7bbafd60afd681b9e8ae3434614fef0cc6588d36f0c876
NETGEAR ADSL router WNR612v3 with firmware version 1.0.0.9 suffers from a file disclosure vulnerability.
83b45b90accee293fef2e2738d7d071e7d33c5436060f03cbbe988b3a89366eb
D-Link ADSL router DSL-2750U with firmware version IN_1.08 suffers from a file disclosure vulnerability.
782cca1a45e485462231cc414ff4e53635082360738f17a7ed29bd4d2cc96066
WordPress Calendar plugin version 1.3.7 suffers from a cross site scripting vulnerability.
ea052d53851c7851e99b09704105a6c6efd2ea912fa3031b5a38723b58c17e60
OpenGB version 1.2.3 suffers from a cross site scripting vulnerability.
f6310c6342bbd12490a1dae8f1fe7e75a53b1b536cfba1a4d9e2b735941c451c
The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.
a6ca122006a1200c7bde861b8e42d7ff62e7411987a0ab39b2b75bf23a794a1a