Lucene search

K

Internet Security Security Vulnerabilities

cve
cve

CVE-2020-0968

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from...

7.5CVSS

8AI Score

0.389EPSS

2020-04-15 03:15 PM
934
In Wild
2
cve
cve

CVE-2020-0967

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from...

8.8CVSS

8.9AI Score

0.047EPSS

2020-04-15 03:15 PM
96
cve
cve

CVE-2020-0895

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution...

7.5CVSS

8.3AI Score

0.012EPSS

2020-04-15 03:15 PM
79
cve
cve

CVE-2020-0847

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution...

7.5CVSS

8.3AI Score

0.012EPSS

2020-03-12 04:15 PM
65
cve
cve

CVE-2020-0832

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827,...

7.5CVSS

7.8AI Score

0.017EPSS

2020-03-12 04:15 PM
97
cve
cve

CVE-2020-0830

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828,....

7.5CVSS

7.7AI Score

0.017EPSS

2020-03-12 04:15 PM
97
cve
cve

CVE-2020-0824

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption...

7.5CVSS

8.5AI Score

0.017EPSS

2020-03-12 04:15 PM
74
cve
cve

CVE-2020-0833

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827,...

7.5CVSS

7.8AI Score

0.017EPSS

2020-03-12 04:15 PM
96
cve
cve

CVE-2020-0768

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829,....

7.5CVSS

7.7AI Score

0.017EPSS

2020-03-12 04:15 PM
116
cve
cve

CVE-2020-10193

ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for...

7.5CVSS

7.5AI Score

0.001EPSS

2020-03-06 08:15 PM
85
cve
cve

CVE-2020-9362

The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, and Total Security for...

7.8CVSS

7.5AI Score

0.001EPSS

2020-02-24 04:15 PM
25
cve
cve

CVE-2020-9342

The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Protection For Salesforce, Email and Server Security, and Internet...

5.5CVSS

5.5AI Score

0.001EPSS

2020-02-22 11:15 PM
84
cve
cve

CVE-2019-19694

The Trend Micro Security 2019 (15.0.0.1163 and below) consumer family of products is vulnerable to a denial of service (DoS) attack in which a malicious actor could manipulate a key file at a certain time during the system startup process to disable the product's malware protection functions or...

4.7CVSS

4.8AI Score

0.0004EPSS

2020-02-20 11:15 PM
71
cve
cve

CVE-2020-9320

Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affects versions before 8.3.54.138 of Antivirus for Endpoint, Antivirus for Small Business, Exchange Security (Gateway), Internet Security Suite for Windows, Prime, Free Security Suite for Windows, and.....

5.5CVSS

5.4AI Score

0.001EPSS

2020-02-20 10:15 PM
65
2
cve
cve

CVE-2020-9264

ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security...

5.5CVSS

5.4AI Score

0.001EPSS

2020-02-18 03:15 PM
33
cve
cve

CVE-2020-0706

An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests, aka 'Microsoft Browser Information Disclosure...

4.3CVSS

5.5AI Score

0.004EPSS

2020-02-11 10:15 PM
69
cve
cve

CVE-2020-0673

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713,...

7.5CVSS

7.9AI Score

0.973EPSS

2020-02-11 10:15 PM
115
In Wild
cve
cve

CVE-2020-0674

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713,...

7.5CVSS

7.9AI Score

0.973EPSS

2020-02-11 10:15 PM
1137
In Wild
13
cve
cve

CVE-2019-19697

An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have...

6.7CVSS

6.9AI Score

0.001EPSS

2020-01-18 12:15 AM
181
cve
cve

CVE-2019-20357

A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable...

7.8CVSS

7.7AI Score

0.001EPSS

2020-01-18 12:15 AM
178
cve
cve

CVE-2019-11997

A potential security vulnerability has been identified in HPE enhanced Internet Usage Manager (eIUM) versions 8.3 and 9.0. The vulnerability could be used for unauthorized access to information via cross site scripting. HPE has made the following software updates to resolve the vulnerability in...

6.1CVSS

5.9AI Score

0.001EPSS

2020-01-16 07:15 PM
39
cve
cve

CVE-2020-0640

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption...

7.5CVSS

8.7AI Score

0.021EPSS

2020-01-14 11:15 PM
111
cve
cve

CVE-2019-19820

An invalid pointer vulnerability in IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0.6.9 allows an attacker to achieve privilege escalation, denial-of-service, and code execution via usermode because 0x9C402405 using METHOD_NEITHER results in a read...

7.8CVSS

7.7AI Score

0.0005EPSS

2020-01-10 05:15 PM
79
cve
cve

CVE-2016-5311

A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading....

7.8CVSS

7.3AI Score

0.002EPSS

2020-01-09 08:15 PM
29
cve
cve

CVE-2019-19693

The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on affected installations. An attacker must first obtain the ability to execute low-privileged code on...

7.1CVSS

6.7AI Score

0.001EPSS

2019-12-20 04:15 PM
26
cve
cve

CVE-2019-11995

Security vulnerabilities in HPE UIoT version 1.2.4.2 could allow unauthorized remote access and access to sensitive data. HPE has addressed this issue in HPE UIoT: For customers with release UIoT 1.2.4.2 fixes are made available with 1.2.4.2 RP3 HF1. For customers with release older than 1.2.4.2,.....

7.5CVSS

7.6AI Score

0.001EPSS

2019-12-18 08:15 PM
24
cve
cve

CVE-2019-1485

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution...

7.5CVSS

8.3AI Score

0.02EPSS

2019-12-10 10:15 PM
76
cve
cve

CVE-2019-18190

Trend Micro Security (Consumer) 2020 (v16.x) is affected by a vulnerability in where null pointer dereference errors result in the crash of application, which could potentially lead to possible unsigned code execution under certain...

9.8CVSS

9.4AI Score

0.005EPSS

2019-12-09 07:15 PM
21
cve
cve

CVE-2019-15689

Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code via execution compromised file placed by an attacker with administrator rights. No privilege...

6.7CVSS

6.9AI Score

0.0004EPSS

2019-12-02 09:15 PM
54
cve
cve

CVE-2019-15628

Trend Micro Security (Consumer) 2020 (v16.0.1221 and below) is affected by a DLL hijacking vulnerability that could allow an attacker to use a specific service as an execution and/or persistence mechanism which could execute a malicious program each time the service is...

7.8CVSS

7.6AI Score

0.001EPSS

2019-12-02 04:15 PM
27
cve
cve

CVE-2019-15688

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component did not adequately inform the user about the threat of redirecting to an untrusted site....

6.1CVSS

6.2AI Score

0.001EPSS

2019-11-26 04:15 PM
36
cve
cve

CVE-2019-15685

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component allowed an attacker remotely disable such product's security features as private browsing and...

4.3CVSS

4.6AI Score

0.001EPSS

2019-11-26 04:15 PM
32
cve
cve

CVE-2019-15686

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component allowed an attacker remotely disable various anti-virus protection features. DoS,...

4.3CVSS

4.6AI Score

0.001EPSS

2019-11-26 04:15 PM
24
cve
cve

CVE-2019-15687

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component was vulnerable to remote disclosure of various information about the user's system (like...

6.5CVSS

6.3AI Score

0.004EPSS

2019-11-26 04:15 PM
30
cve
cve

CVE-2019-19197

IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0.6.9 allows an attacker to achieve privilege escalation, denial-of-service, and code execution via usermode because 0x9C402401 using METHOD_NEITHER results in a read...

7.8CVSS

7.7AI Score

0.0005EPSS

2019-11-21 07:15 PM
37
cve
cve

CVE-2019-18215

An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. A DLL Preloading vulnerability allows an attacker to implant an unsigned DLL named iLog.dll in a partially unprotected product directory. This DLL is then loaded into a high-privileged service before the...

7.8CVSS

7.4AI Score

0.002EPSS

2019-11-18 08:15 PM
60
cve
cve

CVE-2019-3648

A Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and earlier allows administrators to execute arbitrary code via carefully placing malicious files in specific locations protected by administrator...

6.7CVSS

6.8AI Score

0.0004EPSS

2019-11-13 09:15 AM
22
cve
cve

CVE-2019-1429

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427,...

7.5CVSS

7.6AI Score

0.971EPSS

2019-11-12 07:15 PM
918
In Wild
6
cve
cve

CVE-2019-1390

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution...

7.5CVSS

8.8AI Score

0.012EPSS

2019-11-12 07:15 PM
59
cve
cve

CVE-2019-1371

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption...

7.5CVSS

8.6AI Score

0.021EPSS

2019-10-10 02:15 PM
60
cve
cve

CVE-2019-1357

A spoofing vulnerability exists when Microsoft Browsers improperly handle browser cookies, aka 'Microsoft Browser Spoofing Vulnerability'. This CVE ID is unique from...

4.3CVSS

6.3AI Score

0.001EPSS

2019-10-10 02:15 PM
67
cve
cve

CVE-2019-1238

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from...

6.4CVSS

8.2AI Score

0.012EPSS

2019-10-10 02:15 PM
62
cve
cve

CVE-2019-1239

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from...

7.5CVSS

8AI Score

0.012EPSS

2019-10-10 02:15 PM
48
cve
cve

CVE-2019-0608

A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content, aka 'Microsoft Browser Spoofing Vulnerability'. This CVE ID is unique from...

4.3CVSS

6.3AI Score

0.001EPSS

2019-10-10 02:15 PM
101
cve
cve

CVE-2019-1367

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from...

7.5CVSS

7.8AI Score

0.872EPSS

2019-09-23 08:15 PM
1055
In Wild
4
cve
cve

CVE-2019-1236

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from...

7.5CVSS

8.3AI Score

0.04EPSS

2019-09-11 10:15 PM
69
cve
cve

CVE-2019-1220

A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the correct Security Zone of requests for specific URLs, aka 'Microsoft Browser Security Feature Bypass...

4.3CVSS

6AI Score

0.001EPSS

2019-09-11 10:15 PM
55
cve
cve

CVE-2019-1221

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption...

7.5CVSS

8AI Score

0.021EPSS

2019-09-11 10:15 PM
55
In Wild
cve
cve

CVE-2019-1208

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from...

7.5CVSS

8.3AI Score

0.04EPSS

2019-09-11 10:15 PM
81
cve
cve

CVE-2019-14686

A DLL hijacking vulnerability exists in the Trend Micro Security's 2019 consumer family of products (v15) Folder Shield component and the standalone Trend Micro Ransom Buster (1.0) tool in which, if exploited, would allow an attacker to load a malicious DLL, leading to elevated...

7.8CVSS

7.5AI Score

0.001EPSS

2019-08-21 08:15 PM
17
Total number of security vulnerabilities1925