13538 matches found
Microsoft Windows Server Memory Corruption (CVE-2019-0785)
A memory corruption vulnerability exists in Microsoft Windows server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Jenkins Core Directory Traversal (CVE-2019-10352)
A directory traversal vulnerability exists in Jenkins Core. Successful exploitation of this vulnerability could lead to arbitrary file write, and potentially leading to remote code execution...
Microsoft Windows Jet Database Remote Code Execution (CVE-2019-1249)
A remote code execution vulnerability exists in the Jet Database Engine component of Microsoft Windows. The vulnerability is due to improper handling of objects in memory. A remote attacker could exploit this vulnerability by enticing a target user into opening a crafted file. Successful...
Jenkins Pipeline Groovy Remote Code Execution (CVE-2019-1003001)
A remote code execution vulnerability exists in Jenkins pipeline groovy. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Graphics Device Interface Information Disclosure (CVE-2019-0614)
An information disclosure vulnerability exists in the Graphics Device Interface GDI component of Microsoft Windows. The vulnerability is due to improper handling of objects in memory. Successful exploitation of this vulnerability would allow remote attackers to gain access to sensitive informatio...
Microsoft Win32k Elevation of Privilege (CVE-2019-1408)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Flexense DiskBoss Enterprise Buffer Overflow (CVE-2018-5262)
A stack buffer overflow vulnerability exists in the web server of DiskBoss Enterprise. The vulnerability is due to the way DiskBoss Enterprise handles bounds checking. A remote, authenticated attack can lead to a stack buffer overflow...
Cisco Elastic Services Controller REST API Authentication Bypass (CVE-2019-1867)
An authentication bypass vulnerability exists in the REST API of Cisco Elastic Services Controller. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code with administrative privileges on the target machine...
Adobe Acrobat and Reader Integer Overflow (APSB19-41: CVE-2019-8101)
An integer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Palo Alto Networks GlobalProtect SSL VPN Remote Code Execution (CVE-2019-1579)
A Remote Code Execution vulnerability exists in Palo Alto Networks GlobalProtect SSL VPN Gateway. An unauthenticated attacker could exploit the vulnerability by sending a specially crafted request to a vulnerable SSL VPN target. Successful exploitation of this vulnerability would allow remote...
Microsoft Windows Elevation of Privilege (CVE-2019-1053)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Kernel Elevation of Privilege (CVE-2019-1041)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2019-1005)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Storage Service Elevation of Privilege (CVE-2019-0931)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Browser Scripting Engine Memory Corruption (CVE-2019-0884)
A memory corruption vulnerability exists in Microsoft Browser. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Use After Free (APSB19-18: CVE-2019-7761)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Kernel Information Disclosure (CVE-2019-0844)
An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
HPE Moonshot Provisioning Manager Appliance Directory Traversal (CVE-2017-8976)
A directory traversal vulnerability exists in HPE Moonshot Provisioning Manager Appliance. The vulnerability is due to an input validation flaw when processing parameter. Successful exploitation could result in arbitrary code execution...
Microsoft Windows Data Sharing Service Elevation of Privilege (CVE-2019-0573)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Rockwell Automation Allen-Bradley PowerMonitor 1000 Cross-Site Scripting (CVE-2018-19615)
A XSS injection vulnerability exists in Rockwell Automation Allen-Bradley PowerMonitor login page. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary commands on the affected system...
Trend Micro Control Manager GetProductCategory SQL Injection (CVE-2018-3602)
An SQL injection vulnerability exists in the Trend Micro Control Manager. The vulnerability is due to improper validation of user-supplied input HTTP parameter...
NUUO NVRMini2 Remote Code Execution (CVE-2018-1149)
A buffer overflow vulnerability exists in the HTTP interface of NUUO's NVRMini2 Network Video Recording systems. A remote unauthenticated attacker may use this vulnerability to execute arbitrary code on the vulnerable server...
Microsoft Win32k Elevation of Privilege (CVE-2018-8282)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apache HTTP Server Token Out Of Bounds Read (CVE-2017-5797) - Ver2
A out of bounds read vulnerability exists in Apache HTTP Server. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Microsoft Excel Remote Code Execution (CVE-2018-8248)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2018-8164)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft DirectX Graphics Kernel Elevation of Privilege (CVE-2018-8165)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows DNSAPI NSEC3 Heap-based Buffer Overflow (CVE-2017-11779) - Ver2
A heap-based buffer overflow vulnerability exists in the DNSAPI component of Microsoft Windows. The vulnerability is due to insufficient validation of certain components of NSEC3 records. A remote attacker could exploit this vulnerability by sending a malicious DNS response directly to the target...
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2018-1001)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2018-0990)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WordPress Email Subscribers Newsletters Plugin Information Disclosure (CVE-2018-6015)
An Information Disclosure vulnerability exists in WordPress Email Subscribers & Newsletters plugin. Successful exploitation of this vulnerability would allow a remote attacker to the download the entire e-mail subscriber list from affected system...
Microsoft Windows Remote Code Execution (CVE-2018-0842)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Heap Overflow (APSB18-02: CVE-2018-4910)
A buffer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Microsoft Scripting Engine Memory Corruption (CVE-2018-0858)
A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-0134)
A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to the way the scripting engine handles objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...
Microsoft Edge DoLoopBodyStart Out of Bounds Read (CVE-2017-11811)
An out-of-bounds read vulnerability exists in Microsoft Edge. The vulnerability is due to improper handling of objects in memory...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11800)
A Memory Corruption Vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engine renders when handling objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...
Microsoft Windows GDI Information Disclosure (CVE-2017-0190)
An information disclosure vulnerability exists in Microsoft Windows. The vulnerability is due to the way Windows Graphics Device InterfaceGDIhandles objects in memory. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted file...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11260)
A memory corruption vulnerability exists in Adobe Acrobat And Reader. The vulnerability is due to an error in the image conversion engine when processing Enhanced Metafile Format EMF private data. A remote attacker may exploit this vulnerability by using the out of bounds access for unintended...
HPE Intelligent Management Center dbman FileTrans Arbitrary File Write (CVE-2017-5822)
An arbitrary file write vulnerability has been reported in the dbman component of HPE Intelligent Management Center. The vulnerability is due to lack of authentication on FileTrans commands, used to transfer files to the host running dbman. A remote, unauthenticated attacker can exploit the...
HPE Network Automation PermissionFilter Authentication Bypass (CVE-2017-5812)
An authentication bypass vulnerability has been reported in HPE Network Automation. The vulnerability is due to errors in handling specific strings contained in the request URI. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted request to the target system...
Microsoft Edge asm.js Type Confusion (CVE-2017-0093)
A type confusion vulnerability has been reported in Microsoft Edge Scripting Engine. The vulnerability is due to improper parsing of eval function arguments when it accesses an asm.js function. A remote attacker could exploit this vulnerability by enticing the target user to open a specially...
Microsoft Windows Uniscribe Remote Code Execution (MS17-011: CVE-2017-0088)
A remote code execution vulnerability exists in Microsoft Windows. The vulnerability is due to the way Windows Uniscribe handles objects in the memory. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted file...
Microsoft Office Information Disclosure (MS17-014: CVE-2017-0105)
An information disclosure vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly discloses the contents of its memory. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...
Microsoft Office Memory Corruption (MS16-133: CVE-2016-7213)
A use-after-free vulnerability exists in Microsoft Office. This vulnerability could be triggered by a corrupted Excel file. Successful exploitation of this issue could grant an attacker remote code execution...
Microsoft Office Memory Corruption (MS16-133: CVE-2016-7232)
A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...
Microsoft Edge Scripting Engine Memory Corruption (MS16-129: CVE-2016-7203)
A memory corruption vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engine renders when handling objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...
Microsoft Windows Graphics Component Remote Code Execution (MS16-120; CVE-2016-3393)
A remote code execution vulnerability has been reported in Microsoft Windows Graphics Component. The vulnerability is due to the improper handling of objects in the memory.A remote attackers could exploit this vulnerability by enticing users to view a specially crafted web page, or a document fil...
Microsoft Edge Memory Corruption (MS2016-08: CVE-2016-3294)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to a type confusion when handling certain objects in JavaScript. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could...
Microsoft Windows Elevation of Privilege (MS16-111: CVE-2016-3306)
An elevation of privilege vulnerability exists in Microsoft Windows Server. The vulnerability is caused when Microsoft Windows fails to handle executable programs being ran by two users. A remote attacker can exploit this issue by enticing a victim to run a specially crafted file...