Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before…

Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consu…

Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an i…

Microsoft Streaming Service Elevation of Privilege Vulnerability

In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause th…

The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.…

The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2 allows remote attackers to …

An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionalit…

The exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21,…

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure …

Windows DWM Core Library Elevation of Privilege Vulnerability

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before …

NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote…

Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and …

The exif_convert_any_to_int function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.…

The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote …

The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 before 1.0.2a does not properly isolate …

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APO…

A Security Feature Bypass vulnerability exists in MSR JavaScript Cryptography Library that is c…

This vulnerability allows remote attackers to execute arbitrary code on affected installations …

LAquis SCADA Versions 4.1.0.3870 and prior has an untrusted pointer dereference vulnerability, …

PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5…

drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not prope…

Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively…

In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due t…

The fbComposite function in fbpict.c in the Render extension in the X server in X.Org X11R7.1 a…

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse…

A flaw was found in moodle where logic used to count failed login attempts could result in the …

library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading in…

In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts func…

Win32k Elevation of Privilege Vulnerability

A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualizati…

A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.…

Windows DWM Core Library Elevation of Privilege Vulnerability

ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setloca…

Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection wh…