3 results (0.007 seconds)

CVSS: 10.0EPSS: 53%CPEs: 22EXPL: 1

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015. Desbordamiento de buffer basado en memoria dinámica en Adobe Flash Player anterior a 13.0.0.296 y 14.x hasta 18.x anterior a 18.0.0.194 en Windows y OS X y anterior a 11.2.202.468 en Linux permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados, tal y como fue utilizado activamente en junio del 2015. Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code. • https://www.exploit-db.com/exploits/37536 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html http://marc.info/?l=bugtraq&m=144050155601375&w=2 http://rhn.redhat.com/errata/RHSA-2015-1184.html http://www.securityfocus.com/bid/75371 http://www.securitytracker.com/id/1032696 https://bugzilla.redhat.com/show_bug. • CWE-787: Out-of-bounds Write •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

Unspecified vulnerability in HP Virtual Connect Enterprise Manager (VCEM) 6.0 and 6.1 allows remote attackers to read arbitrary files via unknown vectors. Vulnerabilidad no especificada en HP Virtual Connect Enterprise Manager (VCEM) v6.0 y v6.1 permite a atacantes remotos leer archivos de su elección a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=128776031714107&w=2 http://secunia.com/advisories/41926 http://www.securitytracker.com/id?1024631 http://www.vupen.com/english/advisories/2010/2759 •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

Cross-site scripting (XSS) vulnerability in HP Virtual Connect Enterprise Manager for Windows before 6.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en HP Virtual Connect Enterprise Manager para Windows anterior a v6.1, permite a atacantes remotos inyectar código web o HTML de su elección a través de vectores desconocidos • http://secunia.com/advisories/40552 http://www.securitytracker.com/id?1024181 http://www.vupen.com/english/advisories/2010/1797 http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02283465&admit=109447626+1279054975923+28353475 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •