CVE-2024-26169

Windows Error Reporting Service Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

CVE-2024-23296

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited. Recen...

CVE-2024-27199

In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible Rapid7 Analysis Overview CVE-2024-27199 is an authentication bypass vulnerability in the web component of TeamCity that arises from a path traversal issue CWE-22 and has a CVSS base score ...

CVE-2023-7024

Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

CVE-2023-41993

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. Recent assessments: Assessed...

CVE-2023-35311

Microsoft Outlook Security Feature Bypass Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

CVE-2022-3038

Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

CVE-2022-22071

Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music Recent...

CVE-2022-24664

PHP Everywhere = 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by any user able to edit posts. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

CVE-2020-16896

An information disclosure vulnerability exists in Remote Desktop Protocol RDP when an attacker connects to the target system using RDP and sends specially crafted requests, aka ‘Windows Remote Desktop Protocol RDP Information Disclosure Vulnerability’. Recent assessments: 0J3lack0 at November 27,...

CVE-2020-14942

Tendenci 12.0.10 allows unrestricted deserialization in apps\helpdesk\views\staff.py. Recent assessments: kevthehermit at June 21, 2020 7:03pm UTC reported: Outline Untrusted data from the client side is used to create a python pickled object. This can lead to full RCE and compromise of the host...

CVE-2020-1143: Win32k Use-After-Free

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

CVE-2020-6819

Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird 68.7.0, Firefox 74.0.1, and Firefox ESR 68.6.1. Recent assessments: gwillcox-r7 at...

CVE-2020-8467

Remote code execution vulnerability against Trend Micro Apex One 2019 and OfficeScan XG Recent assessments: bwatters-r7 at April 14, 2020 1:56pm UTC reported: Security products are notorious targets for attack because for them to perform their function, they must be elevated, so gaining execution...

CVE-2020-0041

In bindertransaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

Internet Explorer RCE through scripting engine memory corruption (IE 9, 10, 11)

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka ‘Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1428. Recent assessments: busterb at November...

CVE-2019-1385

An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate...

CVE-2019-1405

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play UPnP service improperly allows COM object creation, aka ‘Windows UPnP Service Elevation of Privilege Vulnerability’. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker...

CVE-2019-15043

In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana. Recent assessments: h0ffayyy at September 26, 2020 6:21pm UTC reported: The Dashboard Snapshot API allows an...

CVE-2019-1579

Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code. Recent assessments: busterb at July 24, 2019...

VLC zlib_decompress_extra Double Free Vulnerability

VLC media player is a free and open-source portable cross-platform media player software developed by the VideoLAN project. VLC is available for desktop operating systems and mobile platforms, such as Android, iOS, iPadOS, Wizen, Windows 10 Mobile, and Windows Phone. It is also available on digit...

CVE-2019-1064

An elevation of privilege vulnerability exists when Windows AppX Deployment Service AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To...

CVE-2019-0863

An elevation of privilege vulnerability exists in the way Windows Error Reporting WER handles files, aka ‘Windows Error Reporting Elevation of Privilege Vulnerability’. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

CVE-2019-0753

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka ‘Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0739, CVE-2019-0752, CVE-2019-0862. Recent assessments: Assessed Attacker...

LibreOffice Macro Code Execution

It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script i...

CVE-2018-8611

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka “Windows Kernel Elevation of Privilege Vulnerability.” This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server...

CVE-2018-15133

In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in...

CVE-2018-4990

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Double Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. Recent assessments: gwillcox-r7 at November...

CVE-2018-0172

A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability exists because the affected...

CVE-2018-0158

A vulnerability in the Internet Key Exchange Version 2 IKEv2 module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service DoS condition. The vulnerability is due to...

CVE-2017-11292

Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution. Recent...

CVE-2015-2291

1 IQVW32.sys before 1.3.1.0 and 2 IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted a 0x80862013, b 0x8086200B, © 0x8086200F, or d 0x80862007 IOCTL...

CVE-2017-9554

An information exposure vulnerability in forgetpasswd.cgi in Synology DiskStation Manager DSM before 6.1.3-15152 allows remote attackers to enumerate valid usernames via unspecified vectors. Recent assessments: h00die at May 21, 2020 2:01pm UTC reported: Vulnerability is trivial to exploit. Send ...

CVE-2017-6738

The Simple Network Management Protocol SNMP subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these...

CVE-2017-6740

The Simple Network Management Protocol SNMP subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these...

CVE-2017-0243

Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka “Microsoft Office Remote Code Execution Vulnerability”. This CVE ID is unique from CVE-2017-8570. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...

CVE-2017-0226

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka “Internet Explorer Memory Corruption Vulnerability.” This CVE ID is unique from CVE-2017-0222. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker...

CVE-2016-3235

Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka “Microsoft Office OLE DLL Side Loading Vulnerability.” Recent assessments:...

CVE-2015-7755

Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows...

CVE-2015-5123

Use-after-free vulnerability in the BitmapData class in the ActionScript 3 AS3 implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installatio...

CVE-2015-1671

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5...

Microsoft Internet Explorer Use-After-Free Vulnerability

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, CMarkup, and the onpropertychange attribute of a script element, as exploited in the wild in January and February 2014. Recent...

CVE-2014-0496

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors...

CVE-2013-6282

The 1 getuser and 2 putuser API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against...

CVE-2013-2094

The perfsweventinit function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perfeventopen system call. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacke...

CVE-2009-1123

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application, aka “Windows Kernel Desktop...

CVE-2008-3431

The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...

CVE-2025-0108

An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PH...

CVE-2024-8190

An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability. Recent assessments: Assessed Attacker...

CVE-2023-45249

Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure ACI before build 5.0.1-61, Acronis Cyber Infrastructure ACI before build 5.1.1-71, Acronis Cyber Infrastructure ACI before build 5.2.1-69, Acronis Cyber Infrastructure ACI...