Information disclosure

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka "Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge...

CVE-2018-8410

An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory, aka "Windows Registry Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server...

CVE-2018-8331

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office...

Microsoft Windows DirectX Graphics Kernel Local Elevation of Privilege Vulnerability (CNVD-2018-21208)

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the U.S. DirectX Graphics Kernel is one of the graphics kernel drivers. A security vulnerability in the Microsoft Windows DirectX Graphics DXGKRNL driver's handling of memory objects allows remote attackers to...

Microsoft Windows Kernel Local Information Disclosure Vulnerability (CNVD-2019-00348)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel, which arises from a program's failure to properly handle...

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by...

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this vulnerability by...

Foreman < 1.14.0 Information Disclosure Vulnerability

Foreman is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:theforeman:foreman";...

CVE-2016-7077

foreman before 1.14.0 is vulnerable to an information leak. It was found that Foreman form helper does not authorize options for associated objects. Unauthorized user can see names of such objects if their count is less than 6...

PT-2023-10677 · Samba +3 · Samba +3

Name of the Vulnerable Software and Affected Versions: Samba affected versions not specified Description: An information leak issue was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved...

UBUNTU-CVE-2018-8005

When there are multiple ranges in a range request, Apache Traffic Server ATS will read the entire object from cache. This can cause performance problems with large objects in cache. This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x users should upgra...

CVE-2018-8005

When there are multiple ranges in a range request, Apache Traffic Server ATS will read the entire object from cache. This can cause performance problems with large objects in cache. This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x users should upgra...

SAP Business Objects Financial Consolidation Cross-Site Scripting Vulnerability (CNVD-2018-17911)

SAP Business Objects is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The program provides reporting, performance management, and data base functions. financial Consolidation is one of the tools used to connect financial systems. A cross-site...

SAP BusinessObjects Business Intelligence Cross-Site Request Forgery Vulnerability

SAP BusinessObjects Business Intelligence is a suite of business intelligence software and enterprise performance solutions from SAP. The product has report generation, analysis, data visualization and other functions. A cross-site request forgery vulnerability exists in SAP BusinessObjects...

Design/Logic Flaw

Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes functions...

CVE-2018-14059

Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes functions...

CVE-2018-14059

Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes functions...

CVE-2018-14059

CVE-2018-14059 corresponds to a Pimcore XSS vulnerability exposed in Pimcore 5.2.3 and earlier and affects multiple entry points: Users, Assets, Data Objects, Video/Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Meta...

Google Chrome < 61.0.3163.79 Multiple Vulnerabilities

Binary data 700345.pasl...

Progress Telerik JustAssembly and JustDecompile Code Execution Vulnerabilities

Progress Telerik JustAssembly and JustDecompile are both products of Progress Software, Inc. Progress Telerik JustAssembly is a code diff checking and decompilation tool.JustDecompile is an open source Decompile is an open source decompilation engine. A security vulnerability exists in Progress...