CVSS: 10.0EPSS: 53%CPEs: 22EXPL: 2CVE-2015-3113 – Adobe Flash Player Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2015-3113
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015. Desbordamiento de buffer basado en memoria dinámica en Adobe Flash Player anterior a 13.0.0.296 y 14.x hasta 18.x anterior a 18.0.0.194 en Windows y OS X y anterior a 11.2.202.468 en Linux permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados, tal y como fue utilizado activamente en junio del 2015. Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code. • https://www.exploit-db.com/exploits/37536 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html http://marc.info/?l=bugtraq&m=144050155601375&w=2 http://rhn.redhat.com/errata/RHSA-2015-1184.html http://www.securityfocus.com/bid/75371 http://www.securitytracker.com/id/1032696 https://bugzilla.redhat.com/show_bug. • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2010-1969
https://notcve.org/view.php?id=CVE-2010-1969
Cross-site scripting (XSS) vulnerability in HP Virtual Connect Enterprise Manager for Windows before 6.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en HP Virtual Connect Enterprise Manager para Windows anterior a v6.1, permite a atacantes remotos inyectar código web o HTML de su elección a través de vectores desconocidos • http://secunia.com/advisories/40552 http://www.securitytracker.com/id?1024181 http://www.vupen.com/english/advisories/2010/1797 http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02283465&admit=109447626+1279054975923+28353475 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •