CVE-2019-0696

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'...

Information disclosure

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0755, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782...

Description of the security update for the remote code execution vulnerability in Windows Embedded POSReady 2009: April 9, 2019

Description of the security update for the remote code execution vulnerability in Windows Embedded POSReady 2009: April 9, 2019 Summary A remote code execution vulnerability exists in the manner in which the VBScript engine handles objects in memory. To learn more about the vulnerability, go to...

CVE-2019-0685

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-0803, CVE-2019-0859. Recent assessments: Assessed Attacker Value: 0 Assessed...

Remote code execution

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0667, CVE-2019-0772...

CVE-2019-0612

A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improperly handles flash objects. By itself, this bypass vulnerability does not allow arbitrary code execution, aka 'Microsoft Edge Security Feature Bypass Vulnerability'...

Security feature bypass

A security feature bypass vulnerability exists when Click2Play protection in Microsoft Edge improperly handles flash objects. By itself, this bypass vulnerability does not allow arbitrary code execution, aka 'Microsoft Edge Security Feature Bypass Vulnerability'...

CVE-2019-0612

CVE-2019-0612 is a security feature bypass in Microsoft Edge where Click2Play protection improperly handles Flash objects. The bypass does not by itself enable arbitrary code execution, but can undermine the protection mechanism. Affected product: Microsoft Edge on Windows; vulnerable component: ...

The vulnerability of the PHPMailer library, related to incorrect input data validation, allows attackers to inject objects into the system.

The vulnerability of the PHPMailer library is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to inject objects into the system...

VulnCheck KEV: CVE-2019-0784

A remote code execution vulnerability exists in the way that the ActiveX Data objects ADO handles objects in memory, aka 'Windows ActiveX Remote Code Execution Vulnerability'...

CVE-2017-18365

The Management Console in GitHub Enterprise 2.8.x before 2.8.7 has a deserialization issue that allows unauthenticated remote attackers to execute arbitrary code. This occurs because the enterprise session secret is always the same, and can be found in the product's source code. By sending a...

Deserialization of untrusted data

The Management Console in GitHub Enterprise 2.8.x before 2.8.7 has a deserialization issue that allows unauthenticated remote attackers to execute arbitrary code. This occurs because the enterprise session secret is always the same, and can be found in the product's source code. By sending a...

(0Day) Hewlett Packard Enterprise Intelligent Management Center TopoMsgServlet Java Reflection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

UBUNTU-CVE-2018-16838

A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access...

CVE-2018-16838

A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access...

CVE-2018-16838

A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access...

CVE-2018-16838

CVE-2018-16838 describes a flaw in the sssd Group Policy Objects (GPOs) handling. If the GPOs are not readable because of overly strict server-side permissions, SSSD erroneously allows all authenticated users to log in instead of denying access. The connected documents (e.g., MiracleLinux AXSA ad...

CVE-2018-16838

A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access...

Exploit for Path Traversal in Rubyonrails Rails

Rails-doubletap-exploit RCE on Rails 5.2.2 using a path trave...

The vulnerability of the application programming interface for accessing ActiveX Data Objects (ADO) on Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the application programming interface for accessing ActiveX Data Objects ADO on Windows operating systems exists due to errors in object handling in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...