163 matches found
CVE-2019-0784
Technical details for CVE-2019-0784 are not publicly available in the provided documents; no confirmed affected products, versions, or fixes are listed. Monitor for updates from official sources as additional information may be published.
CVE-2019-0784
A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory, aka 'Windows ActiveX Remote Code Execution Vulnerability'...
VulnCheck KEV: CVE-2019-0784
A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory, aka 'Windows ActiveX Remote Code Execution Vulnerability'...
Microsoft Patch Tuesday — March 2019: Vulnerability disclosures and Snort coverage
Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 64 vulnerabilities, 17 of which are rated “critical,” 45 that are considered “important” and one “moderate” and “low” vulnerability each. This...
Windows ActiveX Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the...
CVE-2018-17696
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Foxit Reader and Foxit PhantomPDF for Windows Memory Misreference Vulnerability (CNVD-2018-25202)
Foxit Reader for Windows is a Windows-based PDF document reader from China's Foxit Software Corporation. Foxit PhantomPDF for Windows is its commercial version. A memory misreference vulnerability exists in the handling of dataObjects in Foxit Reader 9.2.0.9297 and earlier versions and Foxit...
Foxit PDF Reader JavaScript Engine Remote Code Execution Vulnerability (CNVD-2018-20711)
Foxit PDF Reader is a PDF document reader from China's Foxit Software Corporation. The JavaScript engine is its JavaScript scripting engine. A remote code execution vulnerability exists in the this.dataObjects object of the JavaScript engine in Foxit PDF Reader. A remote attacker can explo...
Design/Logic Flaw
Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes functions...
CVE-2018-14059
Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes functions...
CVE-2018-14059
CVE-2018-14059 corresponds to a Pimcore XSS vulnerability exposed in Pimcore 5.2.3 and earlier and affects multiple entry points: Users, Assets, Data Objects, Video/Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Meta...
ILIAS Cross-Site Scripting Vulnerability (CNVD-2018-10349)
ILIAS is a Web-based learning management system developed by the ILIAS team. The system contains modules for course management, file sharing, and live chat. A cross-site scripting vulnerability exists in the error.php page in versions 5.3.x prior to ILIAS 5.3.4 and 5.2.x. A remote attacker can...
MariaDB and Percona XtraDB Cluster Denial of Service Vulnerability
MariaDB is a free and open source database management system developed by Monty Program Ab, Inc. and the MariaDB Foundation, Inc., and a forked version of MySQL using the Maria storage engine. Percona XtraDB Cluster is a package for creating MySQL clusters. A security vulnerability exists in the...
Infogram: Stored Cross-Site scripting in the infographics using Data Objects links
Description Hello. This stored XSS case is different from the earlier reported 280495, but has a very similar root cause and reproduction steps. Upon pasting the link to the Text Object not in the Add Media section, like in previous report, we can intercept the request, and change the link source to the...
Microsoft Windows ADO Array-Type Parameter Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
RHEL 7 : squid (RHSA-2017:0182)
An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
Microsoft Windows ADO Recordset GetRows Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Windows ADO Recordset Update Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
UBUNTU-CVE-2016-7405
The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting...
OWASP Mth3l3m3nt Framework - Penetration Testing Aiding Tool And Exploitation Framework
OWASP Mth3l3m3nt Framework is a penetration testing aiding tool and exploitation framework. It fosters a principle of attack the web using the web as well as pentest on the go through its responsive interface. Modules Packed in so far are: Payload Store Shell Generator PHP/ASP/JSP/JSPX/CFM Payloa...