
252 matches found

CNVD
added 2018/11/15 12:0 a.m., 3 views

Microsoft Edge Spoofing Vulnerability (CNVD-2019-02771)

Microsoft Windows 10 and others are operating systems released by Microsoft Corporation USA. Edge is one of the default browsers that comes with the system. A spoofing vulnerability exists in Microsoft Edge that stems from the program's failure to properly process HTML content. A remote attacker c...

CVSS 4.3, AI score 6.4, EPSS 0.02721
Exploits: 0, References: 1
BDU FSTEC
added 2018/10/19 12:0 a.m., 2 views

The vulnerability of the Windows operating system’s kernel allows a hacker to execute arbitrary code with elevated privileges.

The vulnerability of the Windows operating system’s kernel is related to errors in processing objects in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges using a specially created application...

CVSS 7, AI score 8, EPSS 0.01085
Exploits: 0, References: 3
BDU FSTEC
added 2018/10/19 12:0 a.m., 3 views

The vulnerability in the implementation of the Microsoft Server Message Block 2.0 network protocol on Windows operating systems allows a perpetrator to disclose protected information.

The vulnerability of the Microsoft Server Message Block 2.0 (SMBv2) network protocol in Windows operating systems is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information with the help of speciall...

CVSS 7, AI score 7.7, EPSS 0.05859
Exploits: 0, References: 3
BDU FSTEC
added 2018/10/19 12:0 a.m., 2 views

The vulnerability of the Internet Explorer browser, caused by errors in script processing, allows a hacker to perform a cross-site scripting attack.

The vulnerability of the Internet Explorer browser security function arises due to errors in script processing. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially crafted web page...

CVSS 5, AI score 7.5, EPSS 0.03266
Exploits: 0, References: 3, Affected Software: 1
BDU FSTEC
added 2018/06/22 12:0 a.m., 5 views

The vulnerability of the form development tool for data input based on XML, Microsoft InfoPath, arises from errors in object processing in memory, allowing attackers to execute arbitrary code.

The vulnerability of the form development tool for input data based on XML is due to an operation going beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted file...

CVSS 9.3, AI score 6.2, EPSS 0.18609
Exploits: 0, References: 4
Prion
added 2018/04/18 2:29 p.m., 13 views

Design/Logic Flaw

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 820 and SD 820A, the input to RPMB write response function is a buffer from HLOS that needs to be authenticated using HMAC and then processed. However, some of the processing...

CVSS 5, AI score 9.5, EPSS 0.00852
Exploits: 0, References: 2
OpenVAS
added 2018/02/28 12:0 a.m., 34 views

PostgreSQL Information Disclosure Vulnerability-01 (Feb 2018) - Windows

PostgreSQL is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 6.5, AI score 6.5, EPSS 0.01826
Exploits: 0, References: 3
NVD
added 2017/11/16 7:29 a.m., 17 views

CVE-2017-12318

A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video (SDV) or video on demand (VoD) streams, resulting in a denial of service (DoS) condition. The vulnerability is due ...

CVSS 7.5, AI score 7.6, EPSS 0.01589
Exploits: 0, References: 2
Cvelist
added 2017/11/16 7:0 a.m., 17 views

CVE-2017-12318

A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video (SDV) or video on demand (VoD) streams, resulting in a denial of service (DoS) condition. The vulnerability is due ...

AI score 7.6, EPSS 0.01589
Exploits: 0, References: 2
Cisco
added 2017/11/15 4:0 p.m., 30 views

Cisco RF Gateway 1 TCP Connection Denial of Service Vulnerability

A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video (SDV) or video on demand (VoD) streams, resulting in a denial of service (DoS) condition. The vulnerability is due ...

CVSS 5.8, AI score 7.6, EPSS 0.01589
Exploits: 0, References: 1
Check Point Advisories
added 2017/11/14 12:0 a.m., 1 views

Adobe Acrobat and Reader Out-of-bounds Read (APSB17-36: CVE-2017-16409)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. A remote attacker may exploit this vulnerability by using the out of bounds access for unintended...

CVSS 9.3, AI score 2.4, EPSS 0.0672
Exploits: 0
BDU FSTEC
added 2017/08/03 12:0 a.m., 4 views

The vulnerability of JavaScript handlers in the Microsoft Edge browser for the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of Microsoft Edge’s JavaScript handlers arises from an operation going beyond the buffer boundaries due to a memory object processing error. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the current user...

CVSS 7.6, AI score 7.9, EPSS 0.08967
Exploits: 0, References: 4
Prion
added 2017/02/01 7:59 p.m., 13 views

Authentication flaw

A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges. The vulnerability is due to a processing error in the role-based access control (RBAC) of URLs. An attacker could...

CVSS 10, AI score 9.7, EPSS 0.04107
Exploits: 0, References: 2, Affected Software: 1
OpenVAS
added 2016/10/14 12:0 a.m., 22 views

Cisco cBR-8 Converged Broadband Router vty Integrity Vulnerability

A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause a configuration integrity change to the vty line configuration on an affected device. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptio...

CVSS 5.9, AI score 5.8, EPSS 0.01221
Exploits: 0, References: 1
Cisco
added 2016/10/12 4:0 p.m., 24 views

Cisco cBR-8 Converged Broadband Router vty Integrity Vulnerability

A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause a configuration integrity change to the vty line configuration on an affected device. The vulnerability is due to a logic processing error that exis...

CVSS 4.3, AI score 5.8, EPSS 0.01221
Exploits: 0, References: 1
BDU FSTEC
added 2016/07/19 12:0 a.m., 3 views

The vulnerability of the International Components for Unicode library allows an attacker to trigger a service failure or execute arbitrary code.

The vulnerability of the resolveImplicitLevels function in the implementation of the Unicode Bidirectional Algorithm of the International Components for Unicode library is related to errors in number processing. Exploiting this vulnerability can allow a malicious actor to cause service failures o...

CVSS 7.5, AI score 7.2, EPSS 0.23175
Exploits: 3, References: 11, Affected Software: 2
BDU FSTEC
added 2016/07/06 12:0 a.m., 2 views

The vulnerability of the Firefox browser, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability exists in the NSS (Network Security Services) library of Mozilla for Mozilla Firefox, due to incorrect processing of ASN.1 values in X.509 certificates. Exploiting this vulnerability allows malicious actors to replace RSA signatures with specially crafted certificates. This...

CVSS 7.5, AI score 6.6, EPSS 0.17004
Exploits: 0, References: 3, Affected Software: 1
Positive Technologies
added 2016/04/13 12:0 a.m., 4 views

PT-2016-3294

Name of the Vulnerable Software and Affected Versions: Xen (affected versions not specified). Description: The issue is related to an incomplete fix, allowing guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory. This is due to not enabling memory and I/...

CVSS 6.5, AI score 6.7, EPSS 0.00381
Exploits: 0, References: 16
RedHat Linux
added 2014/04/17 11:30 a.m., 1 views

OpenJDK: Inet6Address class IPv6 address processing errors (Libraries, 8015743)

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries...

CVSS 5, AI score 6.8, EPSS 0.03932
Exploits: 0, References: 5
Check Point Advisories
added 2014/04/02 12:0 a.m., 3 views

Apache HTTP Server mod_log_config Denial of Service (CVE-2014-0098)

A denial of service vulnerability has been reported in Apache HTTP server. The vulnerability is due to a log processing error in the mod_log_config module. A remote, unauthenticated attacker can leverage this vulnerability by sending a malicious request to the target server...

CVSS 5, AI score 7.3, EPSS 0.25999
Exploits: 2