The host is installed with Apple iTunes before 12.9.2 or Apple iCloud before 7.9 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fail to properly handle a memory corruption issue. Successful exploitation could allow attackers to perform arbitrary code execution.
The host is installed with Apple iTunes before 12.9.2 or Apple iCloud before 7.9 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fail to properly handle a memory corruption issue. Successful exploitation could allow attackers to perform arbitrary code execution.
The host is installed with Apple iTunes before 12.9.2 or Apple iCloud before 7.9 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fail to properly handle a logic issue. Successful exploitation could allow attackers to perform arbitrary code execution.
An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF). When users are simultaneously logged in to Microsoft SharePoint Server and visit a malicious web page, the attacker can, through standard browser functionality, induce the browser to inv ...
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable server in the context of the SharePoint application pool account.
To exploit this vulnerability, an authenticated ...
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited the vulnerability could then perform cross-site scrip ...
The host is installed with Winamp 5.6 or earlier version and is prone to multiple integer overflow vulnerabilities. The flaws are present in in_midi plugin, which fails to handle invalid MIDI files. Successful exploitation allow remote attackers to trigger an integer overflow condition.
The host is installed with Winamp 5.6 or earlier version and is prone to multiple integer overflow vulnerabilities. The flaws are present in in_nsv plugin, which fails to parse the Table of Contents (TOC) correctly. Successful exploitation allow remote attackers to execute arbitrary code using sn NSV stream or NSV file.
The host is installed with PHP and is prone to format string vulnerability. A flaw in present in phar_object.c, which improperly calls zend_throw_exception_ex() function when format string specifiers are passed in an argument to a class method. Successful exploitation could allow remote attackers to execute arbitrary code, obtain sensitive information or cause a denial of service.
The host is installed with PHP and is prone to integer overflow vulnerability. A flaw is present in the numfmt_get_symbol function, which fails to handle invalid arguments. Successful exploitation could allow remote attacker to cause denial of service.