13538 matches found
Advantech WebAccess SCADA gmicons.asp picfile Arbitrary File Upload (CVE-2017-16736)
An arbitrary file upload vulnerability exists in Advantech WebAccess SCADA software. The vulnerability is due to insufficient input validation of the picfile parameter within gmicons.asp...
Foxit Reader BMP biWidth Heap-based Buffer Overflow (CVE-2017-17557)
A heap-based buffer overflow vulnerability exists in the BMP processing component of Foxit Reader. This vulnerability is due to improper validation of the biWidth field in a BMP file...
Node.js Foundation Node.js zlib windowBits Denial of Service (CVE-2017-14919)
A denial of service vulnerability exists in Node.js. The vulnerability is due to a newer version of zlib that does not permit a value of 8 for windowBits, and crashes or throws an exception when passed said value...
ManageEngine ServiceDesk DownloadSnapshotServlet Directory Traversal (CVE-2017-11512)
A directory traversal vulnerability exists in ManageEngine ServiceDesk for Microsoft Windows. The vulnerability is due to a lack of sanitization on user supplied input on requests to the DownloadSnapshotServlet before using the input in file operations...
OMRON CX-One CX-FLnet Version and Node Name Heap-based Buffer Overflow (CVE-2018-8834)
A heap-based overflow exists in OMRON CX-One CX-FLnet module. The vulnerability is due to input validation error when processing Version and Node Name parameter of the FLN configuration file. A remote attacker could exploit these vulnerabilities by enticing a target user into opening a maliciousl...
GNU Wget Cookie Injection Policy Bypass (CVE-2018-0494)
A policy bypass vulnerability exists in Wget. The vulnerability is due to improper handling of cookies within HTTP responses, causing cookies for arbitrary domains to be set...
Roundcube Webmail archive.php IMAP Command Injection (CVE-2018-9846)
An IMAP command injection vulnerability exists in Roundcube Webmail. The vulnerability is due to improper handling of the "uid" parameter within certain HTTP requests. A remote attacker can exploit this vulnerability by enticing an authenticated user to visit a page which sends a request to the...
Microsoft Windows PDF Library JPEG2000 Parsing Out of Bounds Write (CVE-2017-0291)
An out-of-bounds write vulnerability exists in the JPEG2000 component of the PDF library in Microsoft Windows. The vulnerability is due to improper validation of embedded JPEG2000 streams...
HPE Intelligent Management Center DBMan RestoreDBase MySQL Command Injection (CVE-2017-5819)
A command injection vulnerability exists in the dbman component of HPE Intelligent Management Center. The vulnerability exists due to missing validation when handling MySQL databases commands...
HPE Intelligent Management Center WmiConfigContent Expression Language Injection (CVE-2017-12526)
An Expression Language injection vulnerability exists in HPE Intelligent Management Center. The vulnerability is due to insufficient handling of request parameter on wmiConfigContent.xhtml...
Dasan GPON Router Authentication Bypass (CVE-2018-10561)
An authentication bypass vulnerability exists in Dasan GPON routers. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...
Dasan GPON Router Remote Command Injection (CVE-2018-10562)
A remote command execution vulnerability exists in Dasan GPON routers. A remote attacker could exploit this vulnerability by sending a malicious request to the victim. Successful exploitation of this vulnerability can result in the execution of arbitrary code in the context of the target user...
Trend Micro Mobile Security Enterprise eas_agent_sync_client_info slink_id SQL Injection (CVE-2017-14078)
An SQL injection vulnerability exists in Trend Micro Mobile Security Enterprise. The vulnerability is due to insufficient validation of the slinkid request parameter with easagentsyncclientinfo action...
Microsoft Office Remote Code Execution (CVE-2018-8157)
A remote code execution vulnerability exists in Microsoft Office. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows VBScript Engine Remote Code Execution (CVE-2018-8174)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Office Remote Code Execution (CVE-2018-8161)
A vulnerability exists in Office. The vulnerability is due to an error in the way Microsoft Office improperly discloses the contents of its memory. A remote attacker can exploit this issue by enticing a victim to open a specially crafted mail...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0953)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Double Free (APSB18-09: CVE-2018-4990)
A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Adobe Acrobat and Reader Use After Free (APSB18-09: CVE-2018-4989)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-bounds read (APSB18-09: CVE-2018-4973)
A out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Adobe Acrobat and Reader Out-of-bounds read (APSB18-09: CVE-2018-4960)
A out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Adobe Acrobat and Reader Heap Overflow (APSB18-09: CVE-2018-4982)
A buffer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Adobe Acrobat and Reader Use After Free (APSB18-09: CVE-2018-4974)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-bounds read (APSB18-09: CVE-2018-4963)
A out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Adobe Acrobat and Reader Heap Overflow (APSB18-09: CVE-2018-4978)
A buffer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Adobe Acrobat and Reader Buffer Errors (APSB18-09: CVE-2018-4965)
A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Adobe Acrobat and Reader Security bypass (APSB18-09: CVE-2018-4979)
A security bypass vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability would allow remote attackers to bypass security tests and protocols on the affected system...
Adobe Acrobat and Reader Use After Free (APSB18-09: CVE-2018-4952)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-bounds read (APSB18-09: CVE-2018-4981)
A out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Microsoft Excel Remote Code Execution (CVE-2018-8148)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-bounds read (APSB18-09: CVE-2018-4975)
A out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Microsoft Internet Explorer Memory Corruption (CVE-2018-8114)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Use After Free (APSB18-09: CVE-2018-4977)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Use After Free (APSB18-09: CVE-2018-4959)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-bounds read (APSB18-09: CVE-2018-4970)
A out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Microsoft Win32k Elevation of Privilege (CVE-2018-8166)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Use After Free (APSB18-09: CVE-2018-4961)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft DirectX Graphics Kernel Elevation of Privilege (CVE-2018-8165)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-bounds read (APSB18-09: CVE-2018-4986)
A out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Microsoft Win32k Elevation of Privilege (CVE-2018-8164)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Heap Overflow (APSB18-09: CVE-2018-4966)
A buffer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Adobe Acrobat and Reader Out-of-bounds write (APSB18-09: CVE-2018-4967)
A out of bounds write vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2018-8167)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Office Remote Code Execution (CVE-2018-8158)
A remote code execution vulnerability exists in Microsoft Office. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2018-8120)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-bounds write (APSB18-09: CVE-2018-4950)
A out of bounds write vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Adobe Acrobat and Reader Out-of-bounds read (APSB18-09: CVE-2018-4957)
A out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0946)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2018-0951)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Heap Overflow (APSB18-09: CVE-2018-4947)
A buffer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...