13538 matches found
Microsoft Edge Memory Corruption (CVE-2018-8236)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Desktop Bridge Elevation of Privilege (CVE-2018-8214)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2018-8233)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer Memory Corruption (CVE-2018-8249)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Desktop Bridge Elevation of Privilege (CVE-2018-8208)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft HIDParser Elevation of Privilege (CVE-2018-8169)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Memory Corruption (CVE-2018-8110)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Flash Player Integer Overflow (APSB18-19: CVE-2018-5000)
An integer overflow vulnerability exists in Adobe Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Memory Corruption (CVE-2018-8111)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Excel Remote Code Execution (CVE-2018-8248)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2018-8267)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Flash Player Out-of-bounds read (APSB18-19: CVE-2018-5001)
A out of bounds read vulnerability exists in Adobe Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Microsoft Windows DNSAPI Remote Code Execution (CVE-2018-8225)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft NTFS Elevation of Privilege (CVE-2018-1036)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Media Foundation Memory Corruption (CVE-2018-8251)
A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Flash Player Type Confusion (APSB18-19: CVE-2018-4945)
A type confusion vulnerability exists in Adobe Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Flash Player Buffer Overflow (CVE-2018-5002)
A buffer overflow vulnerability exists in Adobe Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
ZIP Slip Arbitrary File Overwrite Remote Code Execution (CVE-2018-1002200; CVE-2018-1002201; CVE-2018-1002203; CVE-2018-1002204; CVE-2018-1002205; CVE-2018-1002206; CVE-2018-1002207; CVE-2018-1261; CVE-2018-8008; CVE-2018-8009; CVE-2021-43555)
A file overwrite vulnerability exist in archive formats. To trigger this issue, an attacker may create a malicious archive that will exploit this vulnerability. Successful exploitation of this vulnerability would allow a remote attacker to overwrite arbitrary files on the vulnerable system and...
Samba Printer Server spoolss Denial Of Service (CVE-2018-1050)
A Denial Of Service vulnerability exists in Samba Printer Service. The vulnerability is due to improper validation of user input...
Quagga aspath_put BGP Session Drop Denial of Service (CVE-2017-16227)
A denial-of-service vulnerability exists in Quagga. The vulnerability is due to an improper calculation of ASPATH. A remote attacker can exploit this vulnerability by sending a specially crafted request to the affected service. Successful exploitation would cause the target to crash, resulting in...
Apache httpd FilesMatch Directive Security Restriction Bypass (CVE-2017-15715)
A security policy bypass vulnerability exists in Apache httpd. A remote attacker can exploit this vulnerability by sending a HTTP request with crafted URI to the remote HTTP server. Successful exploitation could result security policy bypass and arbitrary file upload...
D-Link DSL-2750B Remote Command Execution
A remote code execution vulnerability has been reported in D-Link DSL-2750B routers. Successful exploitation could lead to arbitrary code execution on the vulnerable device...
TP-Link TL-WR840N/TL-WR841N Authentication Bypass
An authentication bypass vulnerability exists in TP-Link WR840N and TL-WR841N routers. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...
Squid Proxy ESI Response Processing Denial of Service v2
A denial-of-service vulnerability exists in Squid Proxy. The vulnerability is due to incorrect pointer handling when processing ESI responses...
Linksys WVBR0-25 Command Injection (CVE-2017-17411)
A command injection vulnerability exists in Linksys WVBR0-25. The vulnerability is due to insufficient input validation in the router's web management portal. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code...
Netgear DGN2200B Cross-Site Scripting
A cross-site scripting vulnerability has been reported in Netgear DGN2200B routers. Successful exploitation will result in the attacker-controlled script code being executed in the target user's browser in the context of the affected machine...
Dell EMC VMAX Virtual Appliance Manager Directory Traversal Remote Code Execution (CVE-2018-1215)
A directory traversal vulnerability exists in Dell EMC VMAX Virtual Appliance vApp. The vulnerability is due to improper handling of user-supplied requests for file uploads. Successful exploitation of this vulnerability could lead to arbitrary code execution...
Adobe Acrobat and Reader Client Side Request Injection (APSB18-09: CVE-2018-4995)
A Security Bypass vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Apache Tika Chmparser Denial Of Service (CVE-2018-1339)
A denial-of-service vulnerability exists in Apache Tika. The vulnerability is due to improper handling of a Microsoft Compiled HTML Help file during enumerating its listing chunks...
Apache httpd mod_cache_socache Denial of Service (CVE-2018-1303)
A denial-of-service vulnerability exists in Apache httpd. The vulnerability is due to improper validation of the headers in HTTP requests...
Squid Proxy Denial of Service (CVE-2018-1172; CVE-2018-1000027)
A denial of service vulnerability exists in Squid Proxy. Successful exploitation of this vulnerability would allow remote attackers to cause denial of service on the affected system...
NetGain Systems Enterprise Manager snmpwalk ip Directory Traversal (CVE-2017-16598)
A directory traversal vulnerability exists in NetGain Systems Enterprise Manager. The vulnerability is due to an improper input validation. Successful exploitation could lead to arbitrary code execution...
QNAP QTS Remote Command Injection (CVE-2013-0143)
Remote command injection vulnerabilities exist in QNAP QTS. A remote attacker can exploit these weaknesses to execute arbitrary commands in the affected devices via a crafted request...
NETGEAR DGN2200 Remote Code Execution (CVE-2017-5521; CVE-2017-6077)
A remote code execution vulnerability has been reported in NETGEAR DGN2200 routers. Successful exploitation could lead to arbitrary code execution...
Netgear WNDR4700 Router Authentication Bypass (CVE-2013-3071)
An authentication bypass vulnerability exists in Netgear WNDR4700 routers. This allows remote attackers to perform administrative actions without authentication...
VPNFilter Client Malicious Self-Signed Certificate
VPNFilter is multi-stage malware that infects certain routers. It uses a custom SSL certificate in order to download data required to proceed to the second stage of the infection. Successful exploitation may lead to the device being compromised...
NETGEAR WNR2000 Authentication Bypass (CVE-2016-10176)
An authentication bypass vulnerability exists in NETGEAR WMR2000 Routers. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...
Red Hat Linux DHCP Client Command Injection (CVE-2018-1111)
A remote command execution vulnerability exists in DHCP client implementation of Red Hat Linux. A remote attacker could exploit this vulnerability by sending a malicious request to the victim. Successful exploitation of this vulnerability can result in the execution of arbitrary code in the conte...
Quest NetVault Backup Multipart Request Authentication Bypass (CVE-2018-1163)
An authentication bypass vulnerability exists in the web interface component of Quest NetVault Backup. The vulnerability is due to how the server handles the HTTP requests...
Cisco Prime File Upload Servlet Remote Code Execution (CVE-2018-0258)
A remote code execution vulnerability has been reported in Cisco Prime File Upload Servlet. This is due to improper input validation of the parameters in the HTTP request and a processing error in the role-based access control RBAC of URLs. A remote attacker could exploit this vulnerability by...
OpenPGP and S/MIME eFail Information Disclosure
An information disclosure vulnerability exists in OpenPGP and S/MIME. Successful exploitation would allow the attacker to decrypt the traffic and obtain or modify sensitive information...
Electron NodeIntegration Remote Code Execution (CVE-2018-1000136)
A remote code execution vulnerability exists in Electron. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Flash Player Matrix3D Integer Overflow Remote Code Execution (APSB12-19: CVE-2012-5054)
A remote code execution vulnerability exists in Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Opera Browser Content Length Buffer Overflow (CVE-2010-1349)
A buffer overflow vulnerability exists in Opera Browser. The vulnerability is due to a boundary error in the way the browser processes HTTP server replies. Remote attackers could exploit this vulnerability by persuading a target user to connect to an attacker-controlled HTTP server with a...
FreeBSD Routed Daemon Routing Information Protocol Assertion Failure (CVE-2015-5674)
A Routing Information Protocol Assertion Failure vulnerability exists in the FreeBSD. The vulnerability is caused due to improper handling of crafted requests. A remote attacker can exploit this vulnerability by sending crafted packets through the router...
HPE Operations Orchestration backwards-compatibility beanutils Insecure Deserialization (CVE-2017-8994)
An insecure deserialization vulnerability exists in HPE Operations Orchestration. The vulnerability is due to the incomplete fix for deserialization of untrusted data in backwards-compatibility servlets...
Apache Solr Data Import Handler XML External Entity Expansion Information Disclosure (CVE-2018-1308)
An XML external entity expansion vulnerability has been reported in Apache Solr. The vulnerability is due to improper handling of XML external entities in XML content submitted to the DataImportHandler. A remote attacker can exploit this vulnerability by submitting a crafted request to the target...
VMware VNC VMWDynResolution Heap Buffer Overflow (CVE-2017-4933)
A heap buffer overflow vulnerability exists in the VNC component of VMware. The vulnerability is due to an error in processing VMWDynResolution requests...
Mozilla Firefox Vorbis Audio Residue Codebook Out of Bounds Write (CVE-2018-5146)
An out of bounds write vulnerability exists in Mozilla Firefox. The vulnerability is due to insufficient handling of residue codebooks in Vorbis audio data...
NetGain Systems Enterprise Manager misc.sample_jsp type Directory Traversal (CVE-2017-16599)
A directory traversal vulnerability exists in NetGain Systems Enterprise Manager. The vulnerability is due to an input validation while processing type parameter in org.apache.jsp.u.jsp.reports.templates.misc.samplejsp servlet...