74775 matches found
CVE-2015-1671
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5...
CVE-2015-0355
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2015-0347,...
CVE-2013-6282
The 1 getuser and 2 putuser API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against...
CVE-2013-1308
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka “Internet Explorer Use After Free Vulnerability,” a different vulnerability than CVE-2013-1309 and...
CVE-2009-2936
DISPUTED The Command Line Interface aka Server CLI or administration interface in the master process in the reverse proxy server in Varnish before 2.1.0 does not require authentication for commands received through a TCP port, which allows remote attackers to 1 execute arbitrary code via a...
CVE-2007-5659
Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655. Recent assessments: Assessed Attacker Value: 0 Assess...
CVE-2025-30397
Access of resource using incompatible type ‘type confusion’ in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2024-20399
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that ar...
CVE-2024-3809
The Porto Theme – Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.0.9 via the ‘slideshowtype’ post meta. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute...
CVE-2024-29748
there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...
CVE-2024-26169
Windows Error Reporting Service Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2022–26923 aka Certifried
Active Directory Domain Services Elevation of Privilege Vulnerability. Recent assessments: cdelafuente-r7 at January 10, 2023 3:08pm UTC reported: This vulnerability enables a low-privileged user to escalate privileges in a default Active Directory environment with the Active Directory Certificat...
CVE-2023-33010
A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50W firmware versions 4.25 through 5.36 Patch 1, USG20W-VPN firmware versions 4.25 through 5.36 Patc...
CVE-2023-21492
Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2021-38649
Open Management Infrastructure Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2021-30983
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.2 and iPadOS 15.2. An application may be able to execute arbitrary code with kernel privileges. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2021-30563
Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2021-22652
Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution. Recent assessments: wvu-r7 at February 11, 2021 11:19pm UTC reported: The patch adds authenticatio...
CVE-2020-16013
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Recent assessments: gwillcox-r7 at November 22, 2020 2:37am UTC reported: Reported as exploited in the wild as part of Google’s 2020...
CVE-2020-16896
An information disclosure vulnerability exists in Remote Desktop Protocol RDP when an attacker connects to the target system using RDP and sends specially crafted requests, aka ‘Windows Remote Desktop Protocol RDP Information Disclosure Vulnerability’. Recent assessments: 0J3lack0 at November 27,...
CVE-2020-3569 - Denial of service vulnerability in Cisco IOS XR
Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol DVMRP feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol IGMP process or make it consume available memory and eventually cras...
CVE-2020-15588
An issue was discovered in the client side of Zoho ManageEngine Desktop Central 10.0.552.W. An attacker-controlled server can trigger an integer overflow in InternetSendRequestEx and InternetSendRequestByBitrate that leads to a heap-based buffer overflow and Remote Code Execution with SYSTEM...
CVE-2020-14942
Tendenci 12.0.10 allows unrestricted deserialization in apps\helpdesk\views\staff.py. Recent assessments: kevthehermit at June 21, 2020 7:03pm UTC reported: Outline Untrusted data from the client side is used to create a python pickled object. This can lead to full RCE and compromise of the host...
CVE-2020-1143: Win32k Use-After-Free
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...
CVE-2020-4429
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account. A remote attacker could exploit this vulnerability to login and execute arbitrary code on the system with root privileges. IBM X-Force ID: 180534...
CVE-2020-4428
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system. IBM X-Force ID: 180533. Recent assessments: wvu-r7 at May 08, 2020 4:04pm UTC reported: Assessment for the related CVEs here:...
CVE-2020-8597 rhostname buffer overflow in pppd
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eaprequest and eapresponse functions. Recent assessments: wvu-r7 at March 10, 2020 6:33pm UTC reported: AFAIK, it is common to enable full mitigations on the binary, with ASLR enabled on the system. While this doesn’...
CVE-2019-1405
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play UPnP service improperly allows COM object creation, aka ‘Windows UPnP Service Elevation of Privilege Vulnerability’. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker...
CVE-2019-1385
An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate...
VLC zlib_decompress_extra Double Free Vulnerability
VLC media player is a free and open-source portable cross-platform media player software developed by the VideoLAN project. VLC is available for desktop operating systems and mobile platforms, such as Android, iOS, iPadOS, Wizen, Windows 10 Mobile, and Windows Phone. It is also available on digit...
CVE-2019-1064
An elevation of privilege vulnerability exists when Windows AppX Deployment Service AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data. To...
CVE-2019-0903
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface GDI handles objects in the memory, aka ‘GDI+ Remote Code Execution Vulnerability’. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2018-8298
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka “Scripting Engine Memory Corruption Vulnerability.” This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288,...
CVE-2018-0158
A vulnerability in the Internet Key Exchange Version 2 IKEv2 module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service DoS condition. The vulnerability is due to...
CVE-2018-2392
Under certain conditions SAP Internet Graphics Server IGS 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server IGS to become unavailable. Recent assessments: gwillcox-r7 at October 06, 2020 4:04pm UTC reported: This...
CVE-2017-11292
Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution. Recent...
CVE-2015-2291
1 IQVW32.sys before 1.3.1.0 and 2 IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted a 0x80862013, b 0x8086200B, © 0x8086200F, or d 0x80862007 IOCTL...
CVE-2017-9554
An information exposure vulnerability in forgetpasswd.cgi in Synology DiskStation Manager DSM before 6.1.3-15152 allows remote attackers to enumerate valid usernames via unspecified vectors. Recent assessments: h00die at May 21, 2020 2:01pm UTC reported: Vulnerability is trivial to exploit. Send ...
CVE-2017-0226
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka “Internet Explorer Memory Corruption Vulnerability.” This CVE ID is unique from CVE-2017-0222. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker...
CVE-2015-7755
Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows...
Adobe Flash ID3 Decode Integer Overflow
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute...
CVE-2015-4902
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment. Recent assessments: gwillcox-r7 at November 23, 2020 6:18pm UTC reported: Reported as exploited in the wild as part of Google’s 2020 0day...
CVE-2015-5123
Use-after-free vulnerability in the BitmapData class in the ActionScript 3 AS3 implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installatio...
CVE-2014-6332
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, as...
Microsoft Internet Explorer Use-After-Free Vulnerability
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, CMarkup, and the onpropertychange attribute of a script element, as exploited in the wild in January and February 2014. Recent...
CVE-2013-4011
Multiple unspecified vulnerabilities in the InfiniBand subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allow local users to gain privileges via vectors involving 1 arp.ib or 2 ibstat. Recent assessments: timb-machine at March 05, 2021 12:44am UTC reported: Assessed Attacker Value:...
CVE-2009-1123
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application, aka “Windows Kernel Desktop...
CVE-2008-3431
The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...
CVE-2025-31161
CrushFTP 10 before 10.8.4 and 11 before 11.3.1 allows authentication bypass and takeover of the crushadmin account unless a DMZ proxy instance is used, as exploited in the wild in March and April 2025, aka “Unauthenticated HTTPS port access.” A race condition exists in the AWS4-HMAC compatible wi...
CVE-2025-0108
An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PH...