13538 matches found
Microsoft Windows SNMP Denial of Service (CVE-2018-0967)
A Denial of service vulnerability exists in Microsoft Windows SNMP Service. The service fails to properly handle malformed SNMP messages. An attacker could exploit this vulnerability via a specially crafted SNMP message...
FreeRADIUS fr_dhcp_attr2vp Integer Underflow Out of Bounds Read (CVE-2017-10986)
FreeRADIUS RADIUS Server is an open source Other functions include setting the DNS servers, gateway, routes etc. The Bootstrap Protocol BOOTP was an older protocol standard built for the same functionality; DHCP servers extend the BOOTP protocol and provide additional features. BOOTP and DHCP use...
Drupal Core Remote Code Execution (CVE-2018-7602)
A code execution vulnerability exists in Drupal Core. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Lockdown Policy .NET Remote Code Execution
A remote code execution vulnerability has been reported in Microsoft Windows Lockdown Policy. The vulnerability is due to an error in the .NET Framework. A remote attacker can exploit this issue by enticing a target user to open a specially crafted file...
Tcpdump ISAKMP Ikev2_e_print Buffer Overflow - Ver2
A buffer overflow vulnerability exists in tcpdump. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Synology Photo Station Arbitrary File Upload (CVE-2017-11151) - Ver2
A vulnerability exists in Synology Photo Station. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
MongoDB Unauthenticated Remote Database Drop - Ver2
Database drop vulnerability exists in MongoDB. Unauthenticated remote attacker could connect and execute arbitrary dropping database...
Alt-N MDaeamon Buffer Overflow - Ver2
A buffer overflow vulnerability exists in Alt-N MDaeamon. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Oracle WebLogic WLS Core Component Remote Code Execution (CVE-2018-2628; CVE-2018-2893)
A remote code execution was discovered in Oracle WebLogic. An unauthenticated attacker may use this vulnerability to execute code on the vulnerable server...
Mozilla Firefox Table Use After Free (CVE-2017-5404) - Ver2
A use-after-free vulnerability exists in Mozilla Firefox. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Pivotal Spring Commons Remote Code Execution (CVE-2018-1273)
A remote code execution was discovered in Pivotal Spring Commons. An unauthenticated attacker may use this vulnerability to execute code on the vulnerable server...
WINS Replication Sessions Memory Corruption - Ver2
A memory corruption vulnerability exists in WINS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Trend Micro Control Manager Directory Traversal In IMPORTFILE.PHP - Ver2
A directory traversal vulnerability exists in Trend Micro. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...
Trend Micro Control Manager External Entity Information Disclosure - Ver2
An information disclosure vulnerability exists in Trend Micro. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Shadow Brokers Easybee Attack - Ver2
A vulnerability exists in Shadow Brokers. A remote, unauthenticated attacker could execute arbitrary code on the target system by sending email which contains malicious commands. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Multiple PDF readers NTLMv2 Credential Theft (CVE-2018-4993)
A data leakage vulnerability exists in Multiple PDF readers. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted PDF file. Successful results in leakage of the affected user's Net-NTLM credentials...
Microsoft Windows DNSAPI NSEC3 Heap-based Buffer Overflow (CVE-2017-11779) - Ver2
A heap-based buffer overflow vulnerability exists in the DNSAPI component of Microsoft Windows. The vulnerability is due to insufficient validation of certain components of NSEC3 records. A remote attacker could exploit this vulnerability by sending a malicious DNS response directly to the target...
Microsoft Office Information Disclosure (CVE-2018-0950)
A vulnerability exists in RTF based emails which cause information disclosure through Outlook on Windows. The vulnerability is due to an error in the way Microsoft Office improperly discloses the contents of its memory. A remote attacker can exploit this issue by enticing a victim to open a...
Apache Struts2 Freemarker Remote Code Execution (CVE-2017-12611) - Ver2
A remote code execution vulnerability exists in Apache. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe ColdFusion Insecure Deserialization - Ver2 (CVE-2017-11284)
A vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Ruby Net FTP Command Injection (CVE-2017-17405) - Ver2
A command execution vulnerability exists in Ruby. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
HPE System Management Homepage Cross-site Scripting (CVE-2017-12544) - Ver2
A cross-site scripting vulnerability exists in HPE System Management Homepage. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Cisco IOS Remote Code Execution (CVE-2017-3881) - Ver2
A remote code execution vulnerability exists in Cisco IOS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
HPE Intelligent Management Center Remote Code Execution (CVE-2017-12521) - Ver2
A remote code execution vulnerability exists in HPE Intelligent Management Center. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Coins LTD Exploit Kits Traffic Distribution System
Coins LTD Traffic Distribution System TDS operates by silently redirecting the victim to a malicious web page, leading to infection by an exploit kit. Successful infection will allow the attacker to download additional malware to the target...
ISC DHCP Server OMAPI Disconnect Denial Of Service (CVE-2017-3144) - Ver2
A denial-of-service vulnerability exists in ISC DHCP. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
HPE Intelligent Management Center Remote Code Execution (CVE-2017-12490) - Ver2
A remote code execution vulnerability exists in HPE Intelligent Management Center. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
HPE Intelligent Management Center Remote Code Execution (CVE-2017-12491) - Ver2
A remote code execution vulnerability exists in HPE Intelligent Management Center. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
HPE Intelligent Management Center Remote Code Execution (CVE-2017-12526) - Ver2
A remote code execution vulnerability exists in HPE Intelligent Management Center. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
HPE Intelligent Management Center Remote Code Execution (CVE-2017-12500) - Ver2
A remote code execution vulnerability exists in HPE Intelligent Management Center. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
OpenLDAP Zero Size PagedResultsControl Double Free Denial Of Service (CVE-2017-9287) - Ver2
A denial-of-service vulnerability exists in OpenLDAP. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
DNSmasq Response Heap Buffer Overflow (CVE-2017-14491) - Ver2
A buffer overflow vulnerability exists in DNSmasq. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
HPE Intelligent Management Center Arbitrary File Upload (CVE-2017-8961) - Ver2
A directory traversal vulnerability exists in HPE Intelligent Management Center. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...
Advantech WebAccess Buffer Overflow (CVE-2017-14016) - Ver2
A buffer overflow vulnerability exists in Advantech WebAccess. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
VMware Spring Framework Remote Code Execution (CVE-2018-1270; CVE-2018-1275)
A remote code execution vulnerability exists in VMware Spring Framework. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Wordpress HTTP request Unauthenticated Content Injection - Ver2
A vulnerability exists in Wordpress. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Clipbucket Operating System Command Injection - Ver2
A command injection vulnerability exists in Clipbucket. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Clipbucket Arbitrary PHP Code Execution - Ver2
A remote code execution vulnerability exists in Clipbucket. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
PHPMailer Local Information Disclosure (CVE-2017-5223) - Ver2
An information disclosure vulnerability exists in PHPMailer. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Apache Struts2 REST Plugin XStream DoS (CVE-2017-9793) - Ver2
A vulnerability exists in Apache. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
XAttacker Tool Prestashop Addons Arbitrary File Upload - Ver2
A vulnerability exists in XAttacker. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Spring Web Flow SPEL Command Injection (CVE-2017-4971) - Ver2
A command injection vulnerability exists in Spring Web. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Adobe Flash Player Out-of-bounds read (APSB18-08: CVE-2018-4933)
A vulnerability exists in Adobe Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Microsoft Internet Explorer Memory Corruption (CVE-2018-0991)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Excel Remote Code Execution (CVE-2018-0920)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2018-0993)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2018-0995)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2018-0988)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome Out Of Bound
A vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Adobe Flash Player Use After Free (APSB18-08: CVE-2018-4932)
A use-after-free vulnerability exists in Adobe Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...