13538 matches found
Microsoft Browser Scripting Engine Memory Corruption (CVE-2019-0911)
A memory corruption vulnerability exists in Microsoft Browser. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-Bounds Read (APSB19-17: CVE-2019-7115)
An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Microsoft Windows VBScript Engine Remote Code Execution (CVE-2019-0862)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2019-0680)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Kernel Information Disclosure (CVE-2019-0755)
An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2019-0770)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apache Solr XML External Entity Expansion Information Disclosure (CVE-2018-8010)
An XML external entity expansion vulnerability exists in Apache Solr. The vulnerability is due to improper handling of XML external entities. Successful exploitation results in the disclosure of file or directory contents for any file or directory readable by the Apache Solr service...
Microsoft Windows OLE Obfuscated Automation Array Remote Code Execution (CVE-2014-6332)
A new obfuscation technique of remote code execution vulnerability has been reported in Microsoft Windows Object Linking and Embedding OLE. The vulnerability is due to an improper access to memory objects by Internet Explorer. A remote attacker can exploit this issue by enticing target users to...
Microsoft Windows Kernel Information Disclosure (CVE-2019-0621)
An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Microsoft Edge Memory Corruption (CVE-2019-0650)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Rockwell Automation Allen Bradley Micrologix 1400 Series Access Control Information Disclosure (CVE-2017-14462)
An Information Disclosure vulnerability exists in Rockwell Automation Allen Bradley Micrologix 1400 Series. A remote, unauthenticated attacker can exploit the vulnerability by sending crafted packets to the target system causing access control and information disclosure...
CMS Made Simple remote password reset (CVE-2018-10081)
A remote password reset vulnerability exists in CMS Made Simple. The vulnerability is due to improper validation of password reset requests...
Belkin Wemo Insight Smart Plug Buffer Overflow (CVE-2018-6692)
A buffer overflow vulnerability exists in Belkin Wemo Insight Smart Plug. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2018-8367)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apache Struts Remote Code Execution (CVE-2018-11776)
A remote code execution vulnerability exists in Apache Struts. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Information Disclosure (CVE-2018-8297)
An information disclosure vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Adobe Flash Player Type Confusion (APSB18-24: CVE-2018-5007)
A type confusion vulnerability exists in Adobe Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Memory Corruption (CVE-2018-8110)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apache httpd mod_cache_socache Denial of Service (CVE-2018-1303)
A denial-of-service vulnerability exists in Apache httpd. The vulnerability is due to improper validation of the headers in HTTP requests...
Dasan GPON Router Remote Command Injection (CVE-2018-10562)
A remote command execution vulnerability exists in Dasan GPON routers. A remote attacker could exploit this vulnerability by sending a malicious request to the victim. Successful exploitation of this vulnerability can result in the execution of arbitrary code in the context of the target user...
Microsoft Office Remote Code Execution (CVE-2018-8161)
A vulnerability exists in Office. The vulnerability is due to an error in the way Microsoft Office improperly discloses the contents of its memory. A remote attacker can exploit this issue by enticing a victim to open a specially crafted mail...
Microsoft Office Remote Code Execution (CVE-2018-8157)
A remote code execution vulnerability exists in Microsoft Office. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0946)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer Memory Corruption (CVE-2018-0991)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2018-0995)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Graphics Remote Code Execution (CVE-2018-1016)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Cisco Smart Install Remote Code Execution (CVE-2018-0171)
A remote code execution vulnerability exists in Cisco Smart Install. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Desktop Bridge Elevation of Privilege (CVE-2018-0882)
A vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Adobe Acrobat and Reader Out-of-bounds read (APSB18-02: CVE-2018-4903)
A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Google Chrome V8 Type confusion (CVE-2017-5116)
A type confusion vulnerability exists in Google Chrome V8 Engine. The vulnerability is due to a race condition. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted web page. Successful exploitation could allow an attacker to execute arbitrary cod...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0773)
A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to the way Microsoft Edge accesses an object in memory. A remote attacker can exploit this vulnerability by enticing a target victim to open a specially crafted web page...
Samsung Internet Browser SOP Bypass (CVE-2017-17692)
A SOP bypass vulnerability exists within the Samsung internet browser. This vulnerability is due to the way the browser handles its same origin policy. A successful attack could lead to stolen information...
Microsoft Browser Scripting Engine Information Disclosure (CVE-2017-11791)
An information disclosure vulnerability exists in Microsoft Browsers. The vulnerability is due to the way the scripting engine improperly handles objects in memory in the browser. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected...
Microsoft Windows SMB Server SMBv1 Information Disclosure (CVE-2017-11815)
An information disclosure vulnerability exists in the SMB Server component of Microsoft Windows. The vulnerability is due to improper handling of SMBv1 requests. A remote, authenticated attacker could exploit the vulnerability by sending a crafted request to a target SMB server...
Dnsmasq Integer Underflow Denial Of Service (CVE-2017-14496)
A denial of service vulnerability exists over Dnsmasq. This is due to the way Dnsmasq handles packet information. A successful attack could lead to a denial of service...
Apache Tomcat VirtualDirContext Information Disclosure (CVE-2017-12616)
An information disclosure vulnerability exists in Apache Tomcat. By crafting a malicious request an attacker may view the source code of jsp files for resources...
Mitsubishi Electric E-Designer BEComliSlave Status_bit Stack Buffer Overflow (CVE-2017-9638)
A stack-based buffer overflow vulnerability exists in Mitsubishi's Electric E-Designer. The vulnerability is due to the missing input validation of the Statusbit property of BEComliSlave configuration file. A remote attacker can exploit this vulnerability by enticing a user to visit a maliciously...
Microsoft Edge Remote Code Execution (CVE-2017-8617)
A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to the way affected Microsoft Edge JavaScript scripting engine handles objects in memory. A remote attacker can exploit this vulnerability and execute arbitrary code in the context of the current user...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-8497)
A remote code execution Vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engine renders when handling objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...
Microsoft Office EPS Remote Code Execution (CVE-2017-0262)
A remote code execution vulnerability exists in Encapsulated PostScript EPS of Microsoft Office. The vulnerability is due to the way that Microsoft Office does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing ...
HPE Intelligent Management Center accessMgrServlet Insecure Deserialization (CVE-2017-5790)
An insecure deserialization vulnerability has been reported in HPE Intelligent Management Center. The vulnerability is due to deserialization of untrusted data by the accessMgrServlet while having vulnerable classes in the code path. A remote, unauthenticated attacker can exploit this vulnerabili...
HPE Intelligent Management Center FileUploadServlet Directory Traversal (CVE-2017-5794)
A directory traversal vulnerability exist in HPE Intelligent Management Center. The vulnerability is due to a lack of proper input sanitization on multipart form-data requests in FileUploadServlet. A remote attacker can exploit this vulnerability by sending a maliciously crafted HTTP request...
Adobe Acrobat and Reader Integer Overflow (APSB17-11: CVE-2017-3034)
An integer overflow vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to a parsing error in XML Forms Architecture XFA engine in Adobe Reader and Acrobat. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Acrobat and Reader Use After Free (APSB17-11: CVE-2017-3057)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Microsoft Internet Explorer Elevation of Privilege (CVE-2017-0210)
An elevation of privilege vulnerability exists in Internet Explorer. The vulnerability is due to Internet Explorer not properly enforcing cross-domain policies. This could allow an attacker to access information from one domain and inject it into another domain...
Microsoft Windows DLL Loading Remote Code Execution (MS17-012: CVE-2017-0039)
A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to the way Windows improperly validates input before loading certain libraries. A remote attacker could exploit this vulnerability by enticing a target user to open a specially crafted file...
Microsoft Internet Explorer Information Disclosure (MS17-006: CVE-2017-0008)
An information disclosure vulnerability exists in Internet Explorer. The vulnerability is due to the way Internet Explorer improperly handles objects in memory. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted website...
Microsoft Internet Explorer Elevation of Privilege (MS17-006: CVE-2017-0154)
An elevation of privilege vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...
Adobe Acrobat and Reader Memory Corruption (APSB17-01: CVE-2017-2939)
A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a file with malformed cross-reference table. A remote attacker may exploit this vulnerability by enticing a target user to open a special...
Network Time Protocol Windows Daemon getEndptFromIoCtx Denial of Service (CVE-2016-9312)
A denial of service vulnerability has been reported in the Windows port of Network Time Foundation's NTP Daemon. The vulnerability is due to insufficient error handling when receiving large UDP packets. A remote, unauthenticated attacker can exploit this vulnerability by sending a large UDP packe...