Microsoft Windows Event Viewer CVE-2019-0948 Information Disclosure Vulnerability

Description Microsoft Windows Event Viewer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows ...

GNU Compiler Collection Security Bypass Vulnerability

The GNU Compiler Collection GCC is an open source compiler for programming languages from the GNU Project. A security vulnerability exists in GNU GCC versions 4.1 through 8. An attacker could exploit the vulnerability to bypass security protections...

Adobe Acrobat/Reader Out-of-Bounds Read Vulnerability (CNVD-2019-26011)

Adobe Reader also known as Acrobat Reader is a PDF file reader developed by Adobe.Adobe Acrobat is a PDF editing software developed by Adobe. Adobe Acrobat/Reader has an out-of-bounds read vulnerability. An attacker can exploit this vulnerability to obtain information...

Logic Flaw Vulnerability in Daishantron Mall System

Shanghai Shangchuang Network Technology Co., Ltd. is an independent e-commerce service and technology provider with development strength. There is a logic flaw vulnerability in the Dascommerce Mall system, which can be exploited by attackers to obtain sensitive information...

CVE-2019-9137

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed Image file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution...

Starbucks App Has Information Leakage Vulnerability

Starbucks APP is the official client software of Starbucks. Starbucks APP has an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...

SmartFTP Client Denial of Service Vulnerability

SmartFTP is an FTP client tool. A denial of service vulnerability exists in SmartFTP client version 9.0.2615.0, which can be exploited by attackers to conduct denial of service attacks...

Arbitrary File Deletion Vulnerability in MLECMS Backend

MLECMS is a professional website building system based on PHP+MYSQL as the core development. There is an arbitrary file deletion vulnerability in the MLECMS backend. An attacker can exploit the vulnerability to delete arbitrary files...

Intel Saffron MemoryBase Elevation of Privilege Vulnerability

Intel Saffron MemoryBase is a memory base kit for Saffron from Intel Corporation USA. A security vulnerability exists in Intel Saffron MemoryBase versions prior to 11.4. An attacker could exploit the vulnerability to elevate privileges and access sensitive information...

Google Android System Information Disclosure Vulnerability (CNVD-2018-12649)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An information disclosure vulnerability exists in the System component of Google Android. An attacker can exploit this vulnerability to obtain information...

Denial of Service Vulnerability in Extreme Office 2017 Version 1.0.3.3

Extreme Office is an independently controlled office learning software developed by Beijing Haiteng Times Technology Co. Extreme Office 2017 suffers from a denial of service vulnerability when dealing with special doc files, which can be exploited by attackers to cause a denial of service attack...

Google Android Qualcomm component elevation of privilege vulnerability (CNVD-2017-36518)

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An elevation of privilege vulnerability exists in the Qualcomm component of the Google Android GUD mobicore driver. An attacker can exploit this vulnerability to achieve...

Huawei UMA Product Cross-Site Scripting Vulnerability

Huawei Unified Maintenance Audit UMA is a unified IT core resource operation and maintenance management and security audit platform designed for carriers, government, finance, electric power and large enterprises. A cross-site scripting vulnerability exists in the Huawei UMA product. Due to...

Flexera Software FlexNet Manager Suite Local Elevation of Privilege Vulnerability

FlexNet Manager Suite is a comprehensive and proven next-generation hardware asset management, software asset management, certificate compliance and software certificate optimization solution from Flexera Software, USA. A local elevation of privilege vulnerability exists in Flexera Software FlexN...

Synchronet BBS Denial of Service Vulnerability

Synchronet BBS is a BBS software system. Synchronet BBS is vulnerable to a denial of service vulnerability. It allows attackers to exploit the vulnerability to launch denial of service attacks...

IVPN Client for Windows Elevation of Privilege Vulnerability

IVPN Client for Windows is a virtual private network service from IVPN that runs on the windows platform and is designed for personal use. An elevation of privilege vulnerability exists in IVPN Client for Windows. An attacker can exploit this vulnerability to gain elevated privileges...

Google Chrome Omnibox Address Forgery Vulnerability (CNVD-2017-02098)

Google Chrome is a popular web browser. An address forgery vulnerability exists in Google Chrome Omnibox, which allows remote attackers to exploit the vulnerability to build malicious WEB pages that can be tricked into parsing and can deceive users...

IBM WebSphere Application Server Denial of Service Vulnerability (CNVD-2017-01036)

IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. A denial of service vulnerability exists in IBM WebSphere...

ImageMagick Denial of Service Vulnerability (CNVD-2017-00188)

ImageMagick is a free software for creating, editing, and compositing images.The use of most of ImageMagick's features comes from the command line tools. A denial of service vulnerability exists in ImageMagick. An attacker can exploit this vulnerability to cause a denial of service...

Moodle Information Disclosure Vulnerability (CNVD-2016-11544)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. Moodle has an information disclosure vulnerability that can be exploited by attackers ...