13538 matches found
Microsoft Win32k Elevation of Privilege (CVE-2020-0887)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft VBScript Remote Code Execution (CVE-2020-0847)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-Bounds Read (APSB20-13: CVE-2020-3804)
An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Microsoft DirectX Elevation of Privilege (CVE-2020-0690)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2020-0877)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft VBScript Remote Code Execution (CVE-2020-0824)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2020-0788)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2020-0833)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2020-0832)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Use After Free (APSB20-13: CVE-2020-3805)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Cisco Prime Data Center Network Manager Remote Code Execution (CVE-2019-1620)
A remote code execution vulnerability exists in Cisco Prime Data Center Network Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Progress Telerik UI Remote Code Execution (CVE-2019-18935)
A remote code execution vulnerability exists in Progress Telerik UI for Asp.Net Ajax. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Zoho ManageEngine Remote Code Execution (CVE-2020-10189)
A remote code execution vulnerability exists in Zoho ManageEngine Desktop Central. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Digium Asterisk res_http_websocket Denial of Service (CVE-2018-17281)
A denial of service vulnerability exists in Digium Asterisk reshttpwebsocket. The vulnerability may occur when sending an HTTP Upgrade Request. Successful exploitation of this vulnerability could allow a remote attacker to cause denial of service conditions on the target system...
HPE Intelligent Management Center Remote Code Execution (CVE-2019-5370)
An expression language injection vulnerability exists in HPE Intelligent Management Center. This vulnerability is due to insufficient handling of the beanName request parameter by the IctTableExportToCSVBean class...
HPE Intelligent Management Center Remote Code Execution (CVE-2019-11943)
An expression language injection vulnerability exists in HPE Intelligent Management Center. This vulnerability is due to insufficient handling of the beanName request parameter by the SoapConfigBean class. Successful exploitation results in the execution of arbitrary code under the security conte...
Samba Denial of Service (CVE-2019-12436)
A denial-of-service vulnerability exists in Samba. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Electronic Arts Origin Client Remote Code Injection (CVE-2019-11354)
A template injection vulnerability exists in the Electronic Arts Origin Client. The vulnerability is due to improper validation of data in the title parameter. Successful exploitation could result in command execution on the target machine in the context of the application...
HPE Intelligent Management Center Insecure Deserialization (CVE-2019-11944)
An insecure deserialization vulnerability exists in HPE Intelligent Management Center. The vulnerability is due to deserialization of untrusted data by the MetaDataEntry while having vulnerable classes in the code path. Successful exploitation of this vulnerability could result in execution of...
TurboVNC Fence Message Stack-based Buffer Overflow (CVE-2019-15683)
A stack-based buffer overflow exists in TurboVNC server. The vulnerability is due to improper handling Fence message and lack of stack frame protection. A remote attacker can exploit this vulnerability by sending malicious packets to the Server. Successful exploitation of this vulnerability could...
Advantech WebAccess Remote Code Execution (CVE-2019-10987)
A remote code execution vulnerability exists in Advantech WebAccess. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apache httpd Server Buffer Overflow (CVE-2019-10097)
A buffer overflow vulnerability exists in Apache httpd server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
HPE Intelligent Management Center Remote Code Execution (CVE-2019-5386)
An Expression Language injection vulnerability exists in HPE Intelligent Management Center. This vulnerability is due to insufficient handling of the beanName request parameter by the ViewBatchTaskResultDetailBean class. A remote, authenticated attacker can exploit this vulnerability by sending a...
Advantech WebAccess Buffer Overflow (CVE-2019-10991)
A stack-based buffer overflow vulnerability exists in Advantech WebAccess. The vulnerability is due to a lack of boundary checks while copying user-supplied data into a stack-based buffer within giffconv.exe. A remote, unauthenticated attacker could exploit this vulnerability by sending a...
Microsoft Exchange Server Remote Code Execution (CVE-2020-0688)
A remote code execution vulnerability exists in Microsoft Exchange Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Digium Asterisk Denial Of Service (CVE-2019-12827)
A denial-of-service vulnerability exists in Digium Asterisk. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Cesanta Mongoose Buffer Overflow (CVE-2019-12951)
A buffer overflow vulnerability exists in Cesanta Mongoose. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Advantech WebAccess SCADA Policy Bypass (CVE-2019-13552)
A policy bypass vulnerability exists in Advantech WebAccess. Successful exploitation of this vulnerability could allow the disclosure of sensitive information...
TightVNC Integer Overflow (CVE-2019-15678)
An integer overflow vulnerability exists in TightVNC vncviewer. This vulnerability is due to improper handling of ServerCutText messages. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer jscript.dll Use After Free (CVE-2019-1429)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Oracle Weblogic Server Remote Code Execution (CVE-2019-2888)
An External Entity Injection vulnerability exists in Oracle Weblogic. This vulnerability is due to insufficient validation of XML data. A remote attacker could exploit this vulnerability by sending malicious XML data to the target server. Successful exploitation of this vulnerability could result...
Solarwinds Serv-U Ftp Server Cross-Site Scripting (CVE-2019-13182)
A cross-site scripting vulnerability exists in Solarwinds Serv-U Ftp server. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
UltraVNC VNC Server Heap-based Buffer Overflow (CVE-2019-8274)
A buffer overflow vulnerability exists in UltraVNC VNC Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Oracle Weblogic Server Remote Code Execution (CVE-2019-2890)
An insecure deserialization vulnerability exists in Oracle Weblogic. This vulnerability is due to insufficient validation of T3 requests. A remote authenticated attacker can exploit this vulnerability by sending crafted requests to a vulnerable server. Successful exploitation of this vulnerabilit...
Cisco Security Manager Insecure Deserialization (CVE-2019-12630)
An insecure deserialization vulnerability exists in Cisco Security Manager. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system...
Apache Log4j Remote Code Execution (CVE-2019-17571)
A remote code execution vulnerability exists in Apache Log4j. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Imaging API Remote Code Execution (CVE-2019-1311)
A remote code execution vulnerability exists in Microsoft Windows Imaging API. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Eclipse Mosquitto Denial Of Service (CVE-2019-11779)
A stack overflow exists in Eclipse Mosquitto. The vulnerability is due to insufficient handling of the Topic in MQTT SUBSCRIBE messages. A remote attacker can exploit this vulnerability by sending a crafted MQTT SUBSCRIBE message with a large number of topic hierarchy separators in the topic...
Git Submodule Remote Code Execution (CVE-2018-17456)
A remote code execution vulnerability exists in Git. Successful exploitation of this vulnerability could lead to arbitrary code execution on the affected system...
Microsoft Windows Jet Database Off By One (CVE-2019-1406)
A remote code execution vulnerability exists in the Jet Database Engine component of Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Squid Proxy Heap Buffer Overflow (CVE-2019-12526)
A heap buffer overflow vulnerability has been reported in Squid Proxy. Successful exploitation could result in execution of arbitrary code under the security context of the squid process...
Harbor Container Registry Privilege Escalation (CVE-2019-16097)
A Privilege Escalation vulnerability exists in Harbor Container Registry. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...
Apache James Server Command Injection (CVE-2015-7611)
A command injection vulnerability exists in Apache James server. Successful exploitation of this vulnerability would allow remote attackers to execute arbitrary commands on the affected system...
Embedthis Goahead Use-After-Free (CVE-2019-5096)
A use-after-free vulnerability exists in Embedthis Goahead. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Dovecot And Pigeonhole Remote Code Execution (CVE-2019-11500)
A remote code execution vulnerability exists in Dovecot and Pigeonhole. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Elog Project Denial of Service (CVE-2019-3995; CVE-2020-8859)
A denial of service vulnerability exists in Elog. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Microsoft Windows DHCP Server Denial of Service (CVE-2019-1206)
A remote code execution exists in the DHCP Server component of Microsoft Windows. The vulnerability is due to improper handling of DHCP failover packets leading to memory corruption. A remote attacker can exploit this vulnerability by sending crafted DHCP failover packets to the target server...
WordPress Duplicator Plugin Arbitrary File Download
An arbitrary file download vulnerability exists in WordPress Duplicator plugin. Successful exploitation of this vulnerability would allow a remote attacker to download arbitrary files from the affected system...
Phpgurukul Hospital Management System Authentication Bypass
An authentication bypass vulnerability exists in Phpgurukul Hospital Management System. Successful exploitation of this vulnerability allows an attacker to gain complete access to the configuration of the affected system...
Microsoft Windows Server Memory Corruption (CVE-2019-0785)
A memory corruption vulnerability exists in Microsoft Windows server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...