20 matches found
Transform Your Data Security Posture – Learn from SoFi's DSPM Success
As cloud technology evolves, so does the challenge of securing sensitive data. In a world where data duplication and sprawl are common, organizations face increased risks of non-compliance and unauthorized data breaches. Sentra's DSPM Data Security Posture Management emerges as a comprehensive...
Access Control Unauthorized access to restricted functions setWithdrawalDelayBlocks
Lines of code Vulnerability details Impact By exploiting the owner's role through social engineering, an attacker could theoretically gain indirect control over any functions that require owner authorization. Specifically, the ability to manipulate withdrawal delays and other critical security...
Cross-site Scripting (XSS) - Stored
Description The stored XSS vulnerability found in the caliber-web application is a security flaw that allows an attacker to execute malicious code in a user's browser. The vulnerability affects the "/ajax/pathchooser/" endpoint and is present in the "path" parameter, which is sent via the GET...
Microsoft Edge Chakra Scripting Engine CVE-2019-0567 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Internet Explorer Scripting Engine CVE-2018-8296 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Internet...
Indication of Compromise: Another Key Practice for GDPR Compliance
In this ongoing blog series on preparing for complying with the EU’s General Data Protection Regulation GDPR, we’ve explained the importance of having solid, foundational security practices like asset management and threat prioritization. Today, we’ll discuss how another such practice can help...
Microsoft ChakraCore Scripting Engine CVE-2018-0873 Remote Memory Corruption Vulnerability
Description Microsoft ChakraCore is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore...
Microsoft Internet Explorer and Edge CVE-2017-11894 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currentl...
Microsoft Edge and Microsoft Internet Explorer CVE-2017-8524 Remote Memory Corruption Vulnerability
Description Microsoft Edge and Microsoft Internet Explorer are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affecte...
Microsoft Internet Explorer and Edge CVE-2016-0110 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currentl...
Microsoft Internet Explorer CVE-2015-1742 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2014-4134 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2014-2802 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet explorer ...
Microsoft Internet Explorer CVE-2014-1773 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft Internet Explorer CVE-2014-2764 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet explorer ...
Microsoft Internet Explorer CVE-2013-3206 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability due to a use-after-free error. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Interne...
Microsoft Word CVE-2013-3850 Remote Memory Corruption Vulnerability
Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Adobe Acrobat and Reader CVE-2013-0604 Remote Heap Based Buffer Overflow Vulnerability
Description Adobe Acrobat and Reader are prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Note...
Microsoft Excel Array Out Of Bounds Access CVE-2011-1274 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability due to a boundary condition error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...
Microsoft Publisher (CVE-2010-3954) Memory Corruption Remote Code Execution Vulnerability
Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...