13538 matches found
Adobe Acrobat and Reader Integer Overflow (APSB19-41: CVE-2019-8101)
An integer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-Bounds Read (APSB19-41: CVE-2019-8094)
An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Adobe Acrobat and Reader Heap Overflow (APSB19-41: CVE-2019-8049)
A buffer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Adobe Acrobat and Reader Use After Free (APSB19-41: CVE-2019-8061)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-Bounds Read (APSB19-41: CVE-2019-8005)
An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Adobe Acrobat and Reader Out-of-Bounds Read (APSB19-41: CVE-2019-8021)
An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-1197)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
KDE KDesktopFile Command Injection
A command injection vulnerability exists in KDesktopFile class. A remote attacker could exploit this vulnerability by sending a crafted compressed folder to an affected client...
Dahua Amcrest IP Camera Information Disclosure (CVE-2019-3948)
An information disclosure vulnerability exists in Amcrest IP camera. An unauthenticated, remote attacker can connect to this endpoint and listen to the audio the camera is capturing...
Schneider Electric Pelco Endura Authentication Bypass (CVE-2019-6814)
An authentication bypass vulnerability exists in Schneider Electric Pelco Endura. This allows remote attackers to perform administrative actions without authentication...
WordPress MapSVG Lite Plugin Cross Site Request Forgery (CVE-2019-1000003)
A cross site request forgery vulnerability exists in WordPress MapSVG Lite plugin. Successful exploitation of this vulnerability can result in the execution of arbitrary code in the effected system...
WordPress Quizlord Plugin Cross-Site Scripting (CVE-2018-17140)
A cross-site scripting vulnerability exists in WordPress Quizlord plugin. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
SQLite fts3_tokenizer Untrusted Pointer Remote Code Execution (CVE-2019-8602; CVE-2015-7036)
A remote code execution vulnerability exists in SQlite fts3tokenizer. Successful exploitation could result in execution of arbitrary code on the affected system...
DSLR Cameras PTP/IP Multiple Buffer Overflow Vulnerabilities (CVE-2019-5994; CVE-2019-5999; CVE-2019-6000)
Multiple buffer overflow vulnerabilities exist in DSLR cameras. A remote attacker can exploit this vulnerability by sending specially crafted PTP/IP packets. Successful exploitation of these vulnerabilities could allow arbitrary code execution or a system crash...
WordPress Database Backup Plugin Command Injection
A command injection vulnerability exists in WordPress Database Backup Plugin. Successful exploitation results in the execution of arbitrary commands on the targeted device...
WordPress OneSignal Plugin Cross-Site Scripting
A Cross-Site Scripting vulnerability exists in WordPress OneSignal plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
Lord Exploit Kit Landing Page
Lord exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Successful infection will allow the attacker to download additional malware to the target...
Cisco RV320 and RV325 Routers Information Disclosure (CVE-2019-1653)
An information disclosure vulnerability exists in Cisco RV320 and RV325 Routers. Successful exploitation of this vulnerability would allow remote attackers to gain access to sensitive information and gain unauthorized access into the affected system...
Centreon Nagios Path Command Injection (CVE-2019-13024)
A command injection vulnerability exists in Centreon. Successful exploitation of this vulnerability would allow remote attackers to execute system arbitrary commands in the affected system...
Symantec DLP Cross-Site Scripting (CVE-2019-9701)
A cross-site scripting vulnerability exists in Symantec DLP 15.5 MP1. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the effected system...
Adobe ColdFusion Remote Code Execution (CVE-2019-7839)
A remote code execution vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Imperva SecureSphere PWS Command Injection (CVE-2018-16660)
A command injection vulnerability exists in Imperva SecureSphere gateway. Successful exploitation of this vulnerability would allow remote attackers to execute arbitrary OS commands in the effected system...
Schneider Electric Modicon Multiple Authentication Bypass Vulnerabilities (CVE-2018-7809; CVE-2018-7810; CVE-2018-7811)
Multiple authentication bypass vulnerabilities exist in Schneider Electric Modicon. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP request to the affected page. Successful exploitation results in the attacker being able to change the password for...
Geutebruck IP Camera GCam Efd2250 Remote Code Execution (CVE-2017-5173; CVE-2017-5174)
A remote code execution vulnerability exists in Geutebruck IP Camera GCam Efd2250 Firmware. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WordPress WP Live Chat Plugin Arbitrary File Upload (CVE-2019-11185)
An Arbitrary File Upload vulnerability exists in WordPress Live Chat Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the effected system...
Palo Alto Networks GlobalProtect SSL VPN Remote Code Execution (CVE-2019-1579)
A Remote Code Execution vulnerability exists in Palo Alto Networks GlobalProtect SSL VPN Gateway. An unauthenticated attacker could exploit the vulnerability by sending a specially crafted request to a vulnerable SSL VPN target. Successful exploitation of this vulnerability would allow remote...
Android Out Of Bounds Write Remote Code Execution (CVE-2019-2107)
A remote code execution vulnerability exists in Android. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Eclipse Foundation Mosquitto Pattern Based ACL Bypass (CVE-2017-7650)
An ACL bypass vulnerability has been reported in Eclipse Foundation Mosquitto. A remote user can exploit this vulnerability by sending a crafted request to the target server...
NETGEAR WiFi Routers JWNR2010v5 and R6080 Authentication Bypass
An authentication bypass vulnerability exists in NETGEAR WiFi Routers. Successful exploitation of this vulnerability allows remote attackers to bypass authentication and retrieve security questions answers...
OpenMRS Platform Insecure Deserialization (CVE-2018-19276)
An Insecure Deserialization vulnerability exists in OpenMRS platform. A remote attacker can exploit this vulnerability by sending a specially crafted serialized object. Successful exploitation can result in arbitrary code execution in the effected system...
Citrix SD-WAN Center Command Injection (CVE-2019-10883)
A Command Injection vulnerability exists in Citrix SD-WAN Center. This vulnerability is due to insufficient validation of user-supplied data in one of the controllers. Successful exploitation of this vulnerability would allow remote attacker to execute arbitrary OS commands on the remote host...
Atlassian Jira Server Remote Code Execution (CVE-2019-11581)
A remote code execution vulnerability exists in Atlassian Jira Server and Jira Data Center. A remote attackers can exploit this vulnerability by sending a specially crafted HTTP request packet to an affected system...
HTTP Unauthorized Brute Force Attempt
A remote attacker can exploit this vulnerability by using HTTP brute force attempt. These attacks are aimed to cause the server to crash or become unresponsive...
Jenkins Dependency Graph View Plugin Cross-Site Scripting (CVE-2019-10349)
A Cross-Site Scripting vulnerability exists in Jenkins Dependency Graph View plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
Mozilla Spidermonkey Denial of Service
A denial of service vulnerability exists in Mozilla Spidermonkey caused by an unboxed objects uninitialized memory access. Successful exploitation of this vulnerability could result in denial of service conditions...
OpenDreamBox WebAdmin Plugin Remote Code Execution
A remote code execution vulnerability exists in OpenDreamBox WebAdmin Plugin . Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
VMware NSX SD-WAN Edge Remote Code Execution (CVE-2018-6961)
A remote code execution vulnerability exists in VMware NSX SD-WAN Edge . Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Atlassian Crowd Remote Code Execution (CVE-2019-11580)
A file upload vulnerability exists in Atlassian Crowd webserver. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Zoom Client Webcam Denial of Service (CVE-2019-13449)
A denial of service vulnerability exists in Zoom Client Webcam. Successful exploitation of this vulnerability could result in denial of service conditions...
Citrix SD-WAN Center Multiple Command Injection Vulnerabilities (CVE-2019-12985; CVE-2019-12986; CVE-2019-12987; CVE-2019-12988; CVE-2019-12990; CVE-2019-12992)
Multiple Command Injection vulnerabilities exist in Citrix SD-WAN Center. Successful exploitation of these vulnerabilities would allow remote attackers to execute arbitrary commands on the remote host...
Mozilla Firefox DOMParser Denial of Service
A denial of service vulnerability exists in Firefox DOMParser parseFromString function. Successful exploitation of this vulnerability could result in denial of service conditions...
Siemens TIA Portal Remote Code Execution (CVE-2019-10915)
A remote code execution vulnerability exists in Siemens TIA Portal. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WordPress Limit Login Attempts Plugin Authentication Bypass
An authentication bypass vulnerability exists in WordPress Limit Login Attempts Plugin. Successful exploitation of this vulnerability allows remote attackers to bypass authentication and the rate limiting service...
CentOS Web Panel Command Injection (CVE-2018-18322)
A command injection vulnerability exists in CentOS Web Panel. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Microsoft Office Remote Code Execution (CVE-2018-0798)
A stack-based buffer overflow vulnerability exists in Microsoft Office. A remote, unauthenticated attacker can exploit this vulnerability by supplying a maliciously crafted OLE file to the affected target...
Zoom Client Webcam Hijacking (CVE-2019-13450)
A Webcam Hijacking vulnerability exists in Zoom Client for macOS. A machine remains vulnerable if the Zoom Client was installed in the past and then uninstalled. A remote attacker can force a user to join a video call with the video camera active...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-1103)
...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-1106)
...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-1107)
...
Microsoft Internet Explorer Memory Corruption (CVE-2019-1063)
...