13538 matches found
flatCore Unrestricted File Upload (CVE-2020-17452)
An unrestricted file upload vulnerability exists in flatCore. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Laravel Illuminate Remote Code Execution (CVE-2019-9081)
A remote code execution vulnerability exists in Laravel. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Trendmicro Email Encryption Gateway SQL Injection (CVE-2018-6230)
An SQL injection vulnerability exists in trendmicro email encryption gateway 5.5. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Microsoft VBScript Remote Code Execution (CVE-2020-1214)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Cisco UCS Director Directory Traversal (CVE-2020-3251)
A directory traversal vulnerability exists in Cisco UCS Directory. The vulnerability is due to insufficient validation of user input within MyCallable class...
IBM Data Risk Manager Command Injection (CVE-2020-4428)
A command injection execution vulnerability exists in IBM Data Risk Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2020-0957)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2020-0958)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft DirectX Elevation of Privilege (CVE-2020-0690)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2020-0877)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
TightVNC Integer Overflow (CVE-2019-15678)
An integer overflow vulnerability exists in TightVNC vncviewer. This vulnerability is due to improper handling of ServerCutText messages. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Server Memory Corruption (CVE-2019-0785)
A memory corruption vulnerability exists in Microsoft Windows server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Jet Database Remote Code Execution (CVE-2019-1249)
A remote code execution vulnerability exists in the Jet Database Engine component of Microsoft Windows. The vulnerability is due to improper handling of objects in memory. A remote attacker could exploit this vulnerability by enticing a target user into opening a crafted file. Successful...
Jenkins Core Directory Traversal (CVE-2019-10352)
A directory traversal vulnerability exists in Jenkins Core. Successful exploitation of this vulnerability could lead to arbitrary file write, and potentially leading to remote code execution...
Jenkins Pipeline Groovy Remote Code Execution (CVE-2019-1003001)
A remote code execution vulnerability exists in Jenkins pipeline groovy. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Graphics Device Interface Information Disclosure (CVE-2019-0614)
An information disclosure vulnerability exists in the Graphics Device Interface GDI component of Microsoft Windows. The vulnerability is due to improper handling of objects in memory. Successful exploitation of this vulnerability would allow remote attackers to gain access to sensitive informatio...
Microsoft Win32k Elevation of Privilege (CVE-2019-1408)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Integer Overflow (APSB19-41: CVE-2019-8101)
An integer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Palo Alto Networks GlobalProtect SSL VPN Remote Code Execution (CVE-2019-1579)
A Remote Code Execution vulnerability exists in Palo Alto Networks GlobalProtect SSL VPN Gateway. An unauthenticated attacker could exploit the vulnerability by sending a specially crafted request to a vulnerable SSL VPN target. Successful exploitation of this vulnerability would allow remote...
Microsoft Windows Kernel Elevation of Privilege (CVE-2019-1041)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Elevation of Privilege (CVE-2019-1053)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2019-1005)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Storage Service Elevation of Privilege (CVE-2019-0931)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Browser Scripting Engine Memory Corruption (CVE-2019-0884)
A memory corruption vulnerability exists in Microsoft Browser. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Use After Free (APSB19-18: CVE-2019-7761)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Kernel Information Disclosure (CVE-2019-0844)
An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
HPE Moonshot Provisioning Manager Appliance Directory Traversal (CVE-2017-8976)
A directory traversal vulnerability exists in HPE Moonshot Provisioning Manager Appliance. The vulnerability is due to an input validation flaw when processing parameter. Successful exploitation could result in arbitrary code execution...
Microsoft Windows Data Sharing Service Elevation of Privilege (CVE-2019-0573)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Rockwell Automation Allen-Bradley PowerMonitor 1000 Cross-Site Scripting (CVE-2018-19615)
A XSS injection vulnerability exists in Rockwell Automation Allen-Bradley PowerMonitor login page. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary commands on the affected system...
Trend Micro Control Manager GetProductCategory SQL Injection (CVE-2018-3602)
An SQL injection vulnerability exists in the Trend Micro Control Manager. The vulnerability is due to improper validation of user-supplied input HTTP parameter...
NUUO NVRMini2 Remote Code Execution (CVE-2018-1149)
A buffer overflow vulnerability exists in the HTTP interface of NUUO's NVRMini2 Network Video Recording systems. A remote unauthenticated attacker may use this vulnerability to execute arbitrary code on the vulnerable server...
Microsoft Win32k Elevation of Privilege (CVE-2018-8282)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apache HTTP Server Token Out Of Bounds Read (CVE-2017-5797) - Ver2
A out of bounds read vulnerability exists in Apache HTTP Server. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Microsoft Excel Remote Code Execution (CVE-2018-8248)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2018-8164)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft DirectX Graphics Kernel Elevation of Privilege (CVE-2018-8165)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows DNSAPI NSEC3 Heap-based Buffer Overflow (CVE-2017-11779) - Ver2
A heap-based buffer overflow vulnerability exists in the DNSAPI component of Microsoft Windows. The vulnerability is due to insufficient validation of certain components of NSEC3 records. A remote attacker could exploit this vulnerability by sending a malicious DNS response directly to the target...
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2018-1001)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2018-0990)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WordPress Email Subscribers Newsletters Plugin Information Disclosure (CVE-2018-6015)
An Information Disclosure vulnerability exists in WordPress Email Subscribers & Newsletters plugin. Successful exploitation of this vulnerability would allow a remote attacker to the download the entire e-mail subscriber list from affected system...
Adobe Acrobat and Reader Heap Overflow (APSB18-02: CVE-2018-4910)
A buffer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Microsoft Scripting Engine Memory Corruption (CVE-2018-0858)
A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-0134)
A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to the way the scripting engine handles objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...
Microsoft Edge DoLoopBodyStart Out of Bounds Read (CVE-2017-11811)
An out-of-bounds read vulnerability exists in Microsoft Edge. The vulnerability is due to improper handling of objects in memory...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11800)
A Memory Corruption Vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engine renders when handling objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...
Microsoft Windows GDI Information Disclosure (CVE-2017-0190)
An information disclosure vulnerability exists in Microsoft Windows. The vulnerability is due to the way Windows Graphics Device InterfaceGDIhandles objects in memory. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted file...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11260)
A memory corruption vulnerability exists in Adobe Acrobat And Reader. The vulnerability is due to an error in the image conversion engine when processing Enhanced Metafile Format EMF private data. A remote attacker may exploit this vulnerability by using the out of bounds access for unintended...
HPE Intelligent Management Center dbman FileTrans Arbitrary File Write (CVE-2017-5822)
An arbitrary file write vulnerability has been reported in the dbman component of HPE Intelligent Management Center. The vulnerability is due to lack of authentication on FileTrans commands, used to transfer files to the host running dbman. A remote, unauthenticated attacker can exploit the...
HPE Network Automation PermissionFilter Authentication Bypass (CVE-2017-5812)
An authentication bypass vulnerability has been reported in HPE Network Automation. The vulnerability is due to errors in handling specific strings contained in the request URI. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted request to the target system...
Microsoft Edge asm.js Type Confusion (CVE-2017-0093)
A type confusion vulnerability has been reported in Microsoft Edge Scripting Engine. The vulnerability is due to improper parsing of eval function arguments when it accesses an asm.js function. A remote attacker could exploit this vulnerability by enticing the target user to open a specially...