790 matches found
Microsoft Windows Device Management Enrollment Service Directory Junction Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
Information disclosure
An out-of-bounds read information disclosure vulnerability in Trend Micro Apex One on-prem and SaaS, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 and Services could allow an attacker to disclose sensitive information about a named pipe. Please note: an attacker must first obtain t...
Information disclosure
An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One on-prem and SaaS, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 and Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain...
CVE-2021-25248
An out-of-bounds read information disclosure vulnerability in Trend Micro Apex One on-prem and SaaS, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 and Services could allow an attacker to disclose sensitive information about a named pipe. Please note: an attacker must first obtain t...
CVE-2021-25227
Trend Micro Antivirus for Mac 2021 Consumer is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functionality within the application. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to...
Apple iOS FairplayIOKit Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple iOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the FairplayIOK...
Linux Kernel setsockopt System Call Untrusted Pointer Dereference Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling...
CVE-2021-25224
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a manual scan component. An attacker must first obtain the ability to execu...
CVE-2021-25226
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scan engine component. An attacker must first obtain the ability to execu...
CVE-2021-25225
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scheduled scan component. An attacker must first obtain the ability to...
CVE-2021-25226
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scan engine component. An attacker must first obtain the ability to execu...
CVE-2021-25224
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a manual scan component. An attacker must first obtain the ability to execu...
CVE-2021-25225
CVE-2021-25225 affects Trend Micro ServerProtect for Linux 3.0. The vulnerability is in the splx_schedule_scan component and is due to lack of validation of user-supplied data, which can lead to memory exhaustion and denial of service. Exploitation details vary by source: ZDI-21-086 describes rem...
CVE-2021-25225
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scheduled scan component. An attacker must first obtain the ability to...
Microsoft Windows splwow64 Out-Of-Bounds Read Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode...
Microsoft Windows InstallService Directory Junction Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...
Microsoft Windows AppX Deployment Service Directory Junction Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...
Microsoft Windows AppX Deployment Service Directory Junction Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppX Deploymen...
X.Org Server XkbSetMap Out-Of-Bounds Access Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of XkbSetM...
X.Org Server XkbSelectEvents Integer Underflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...