13538 matches found
Adobe Acrobat and Reader Use After Free (APSB19-18: CVE-2019-7782)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-Bounds Read (APSB19-18: CVE-2019-7140)
An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2019-0918)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-Bounds Read (APSB19-18: CVE-2019-7801)
An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Adobe Acrobat and Reader Buffer Errors (APSB19-18: CVE-2019-7824)
A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Adobe Acrobat and Reader Out-of-Bounds Read (APSB19-18: CVE-2019-7811)
An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Adobe Acrobat and Reader Security bypass (APSB19-18: CVE-2019-7779)
A security bypass vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability would allow remote attackers to bypass security tests and protocols on the affected system...
Adobe Acrobat and Reader Out-of-Bounds Read (APSB19-18: CVE-2019-7789)
An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Adobe Acrobat and Reader Use After Free (APSB19-18: CVE-2019-7772)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Open Business Management Information Disclosure (CVE-2011-5144)
An information disclosure vulnerability exists in Open Business Management server. Successful exploitation could result in the disclosure of sensitive information...
Jenkins Ansible Tower Plugin Information Disclosure (CVE-2019-10310)
A cross-site request forgery vulnerability exists in Jenkins Ansible Tower Plugin. Successful exploitation of this vulnerability could lead to disclosure of credentials stored in Jenkins server...
Barco EOM Presentation platform Remote Code Execution (CVE-2019-3929)
A command injection vulnerability exists in several IoT devices. Successful exploitation results in the execution of arbitrary commands on the targeted device...
Rockwell Automation ControlLogix 5370 Web Portal Denial of Service (CVE-2019-10952)
A denial of service vulnerability exists in Rockwell Automation CompactLogix 5370 PLCs. A remote, unauthenticated attacker could send specific requests to the web server to cause denial of service conditions...
VMware Fusion Remote Code Execution (CVE-2019-5514)
A remote code execution vulnerability exists in VMware Fusion. Successful exploitation could lead to arbitrary code execution...
TP-Link TL-WR Buffer Overflow Remote Code Execution (CVE-2019-6989)
An arbitrary code execution vulnerability exists in TP-LINK TL-WR940N and TL-WR941ND. A remote attacker can exploit this vulnerability by sending a maliciously crafted packet to the target server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary cod...
SAP Gateway ACL Misconfiguration Remote Code Execution
An ACL Misconfiguration vulnerability exists in SAP Gateway. Successful exploitation of this vulnerability could lead to remote code execution on the affected system. Aka "10KBLAZE"...
Jenkins GitLab Plugin Information Disclosure (CVE-2019-10300)
An information disclosure vulnerability exists in Jenkins GitLab Plugin. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Oracle Fusion Middleware Remote Code Execution (CVE-2019-2618)
A remote code execution vulnerability exists in Oracle WebLogic Server component of Oracle Fusion Middleware. Successful exploitation of this vulnerability could lead to remote code execution on the target server...
Dell SupportAssist Client Software Remote Code Execution (CVE-2019-3719)
A Remote Code Execution vulnerability exists in Dell SupportAssist Client Software. Successful exploitation of this vulnerability could lead to remote code execution on the client side...
WordPress WooCommerce Checkout Manager Plugin Arbitrary File Upload
An Arbitrary File Upload vulnerability exists in WordPress WooCommerce Checkout Manager Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Dell KACE K1000 Command Injection Remote Code Execution
A remote code execution exists in KACE K1000 app server. This vulnerability is due to lack of input validation. Successful exploitation of this vulnerability could allow a remote attacker to execute code on the affected system...
Microsoft Windows DHCP Client Remote Code Execution (CVE-2019-0726)
A remote code execution vulnerability exists in Microsoft DHCP Client. The vulnerability is due to improper processing of DHCP response messages, causing memory corruption. A remote attacker could exploit this vulnerability by sending maliciously crafted DHCP responses to a vulnerable target...
Sony Smart TV Authentication Bypass Information Disclosure (CVE-2019-11336)
An authentication bypass vulnerability exists in Sony Smart TV. Successful exploitation could result in the disclosure of sensitive user information...
Infomir Ministra SQL Injection Remote Code Execution
A remote code execution vulnerability exists in Ministra TV platform. This vulnerability is due to insufficient data validation. Successful exploitation of this vulnerability could lead to remote code execution on the affected system...
Apache Pluto Chat Room Demo Portlet Persistent Cross-Site Scripting (CVE-2019-0186)
A cross site scripting vulnerability exists in Apache Pluto. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary commands on the affected system...
Google Chrome Use After Free Denial Of Service (CVE-2019-5788; CVE-2019-5789)
Multiple use-after-free vulnerabilities exist in Google Chrome. Successful exploitation of these vulnerabilities could allow a remote attacker to create a denial of service condition on the affected system...
Google Chrome Integer Overflow Remote Code Execution
An integer overflow vulnerability exists in Google Chrome. The vulnerability is due to lack of input validation. Successful exploitation of this vulnerability could lead to remote code execution...
jQuery Prototype Pollution Object Cross-Site Scripting (CVE-2019-11358)
A Cross-Site Scripting vulnerability exists in jQuery. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Google Chrome Race Condition Denial Of Service (CVE-2019-5796; CVE-2019-5797)
A denial-of-service vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to create a denial of service condition on the affected system...
TP-Link SR20 Arbitrary Code Execution
An arbitrary code execution vulnerability exists in TP-Link SR20 smart hub. An unauthenticated attacker can exploit this vulnerability by sending a maliciously crafted packet to the target server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary cod...
WordPress Yellow Pencil Plugin Privilege Escalation
An Option Update vulnerability exists in WordPress Yellow Pencil Plugin. Successful exploitation of this vulnerability could lead to modification of any options of the affected site...
Oracle WebLogic Server Remote Code Execution (CVE-2019-2725)
A remote code execution vulnerability exists within Oracle WebLogic. The vulnerability is due to improper XML deserialization. Successful exploitation could lead to arbitrary code execution...
Rockwell Automation Multiple Controllers Open Redirect (CVE-2019-10955)
An open redirect vulnerability exists in Rockwell Automation MicroLogix and CompactLogix controllers. A remote unauthenticated attacker could exploit this vulnerability to redirect users to a malicious site via a malicious link...
ASUS HG100 Devices Denial of Service (CVE-2018-11492)
A denial-of-service vulnerability exists in ASUS HG100 devices. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Google Chrome V8 JavaScript Engine Denial of Service
A denial-of-service vulnerability exists in Google Chrome V8 Engine. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Oracle Business Intelligence / XML Publisher XML External Entity Injection (CVE-2019-2616)
An XML External Entity Injection vulnerability exists in Oracle Business Intelligence and XML Publisher. Successful exploitation of this vulnerability could result in unauthorized access to critical data in Oracle BI Publisher...
NoneCMS ThinkPHP 5.X Remote Code Execution
A remote code execution vulnerability exists in NoneCMS ThinkPHP framework. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apache Axis Remote Code Execution (CVE-2019-0227)
A remote code execution exists in Apache Axis server. A remote attacker can exploit this vulnerability to execute arbitrary code in the affected system via a crafted http response...
Cisco IOS SNMP Remote Code Execution (CVE-2017-6736)
A remote code execution vulnerability exists in Cisco IOS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Mozilla Firefox Use After Free(CVE-2018-18500)
A use after free vulnerability exists in Mozilla Firefox. The vulnerability is due to a memory corruption issue when handling elements objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing a user to visit a malicious page...
Mozilla Firefox IonMonkey JIT Compiler Type Confusion (CVE-2019-9813)
A type confusion vulnerability exists in Mozilla Firefox IonMonkey JIT Compiler. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
WordPress Social-Warfare Plugin Cross-Site Scripting (CVE-2019-9978)
A Cross-Site Scripting vulnerability exists in WordPress social-warfare plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
Verizon Fios Quantum Gateway Authenticated Command Injection (CVE-2019-3914)
A command injection vulnerability exists in Verizon Fios Quantum Gateway G1100 firmware. Successful exploitation of this vulnerability could result in the execution of arbitrary commands with root privileges...
Apache Tomcat CGI Servlet Remote Code Execution (CVE-2019-0232)
A remote code execution vulnerability exists in Apache Tomcat CGI Servlet. Successful exploitation of this vulnerability could lead to remote code execution on the target server...
HooToo HT-05 Remote Code Execution
A remote code execution vulnerability exists in HooToo HT-05 travel router. A remote attacker can exploit this weakness to execute arbitrary code in the affected router via a crafted request...
Microsoft Internet Explorer XXE Injection Information Disclosure
An XML External Entity Injection Vulnerability Exists in Internet Explorer browser. This vulnerability is due to a flaw when parsing a malicious MHT file containing a reference to an external entity. Successful exploitation of this vulnerability could allow remote attacker to potentially exfiltra...
ISPsystem COREmanager Authentication Bypass
An authentication bypass vulnerability exists in ISPsystem COREmanager. A remote attacker could exploit this flaw by sending specially crafted packets to the affected server. Successful exploitation of this vulnerability would allow a remote attacker to hijack a user's session and escalating thei...
D-Link DI-524 Cross-Site Scripting (CVE-2019-11017)
A cross-site scripting vulnerability exists in D-Link DI-524. Successful exploitation of this vulnerability could allow remote attackers to inject arbitrary web script into the affected system...
WordPress Cerber Security Multiple Bypass Vulnerabilities
Multiple security bypass vulnerabilities exist in WordPress Cerber Security. A remote attacker can exploit these vulnerabilities by sending a specially crafted HTTP request packet. Successful exploitation of these vulnerabilities would allow remote attackers to bypass security test on the affecte...
HAProxy Compressed Name Denial of Service (CVE-2018-20103)
A denial-of-service vulnerability has been reported in HAProxy. The vulnerability is due to incorrect handling of compressed pointers. Successful exploitation of this vulnerability could lead to a denial of service condition...