13538 matches found
Microsoft Windows GDI Elevation of Privilege (CVE-2018-0817)
A vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2018-0874)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2018-0889)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Desktop Bridge Elevation of Privilege (CVE-2018-0880)
A vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Microsoft Office Memory Corruption (CVE-2018-0922)
A memory corruption vulnerability exists in Microsoft Office. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Access Remote Code Execution (CVE-2018-0903)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Desktop Bridge VFS Elevation of Privilege (CVE-2018-0877)
A vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2018-0935)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Spelevo Exploit Kit Landing Page
Spelevo exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Successful infection will allow the attacker to download additional malware to the target...
Google Chrome Type Confusion
A vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Google Chrome Write Barrier Elimination
A vulnerability exists in Google Chrome. The vulnerability is due to a write barrier elimination when parsing kStoreField or kStoreElement. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...
Google Chrome Object Create Type Confusion
A type confusion vulnerability exists in Google Chrome. The vulnerability is due to a lack of validation of 'null' prototype objects. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...
Google Chrome Out Of Bound Read
A vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Memcached Web-Servers Network Flood Denial of Service (CVE-2018-1000115)
A denial of service vulnerability exists over Memcached. This is due to the way Memcached handles UDP requests. A successful attack could lead to a denial of service...
Google Chrome PropertyArray Integer Overflow
An integer overflow vulnerability exists in Google Chrome. The vulnerability is due to lack of input validation when Google Chrome handles huge number of integers in memory. Successful exploitation of this vulnerability can result in Integer overflow with PropertyArray...
Google Chrome Caching Bug Type Confusion
A type confusion vulnerability exists in Google Chrome. The vulnerability is due to improper handling of objects in memory by the JavaScript engine while compiling code. A remote attacker could exploit this vulnerability by enticing a user to open a malicious web page...
Joomla com_jssupportticket Component Cross-Site Scripting (CVE-2018-6007)
A cross-site scripting vulnerability exists in Joomla comjssupportticket Component. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
Microsoft Edge Call_RegEx_Symbol_Function Return Type
A Type Confusion vulnerability exists in Microsoft Edge. The vulnerability is that JavaScript regex function doesn't check the return type. Successful exploitation of this vulnerability can achieve Remote Code Execution...
Microsoft Windows EOT Font Engine Information Disclosure (CVE-2018-0755)
An information disclosure vulnerability has been reported in the EOT component of Microsoft Windows operating systems. The vulnerability is due to improper handling of objects in the Windows EOT Font Engine. A remote attacker could exploit this vulnerability by enticing a user to open specially...
WordPress Email Subscribers Newsletters Plugin Information Disclosure (CVE-2018-6015)
An Information Disclosure vulnerability exists in WordPress Email Subscribers & Newsletters plugin. Successful exploitation of this vulnerability would allow a remote attacker to the download the entire e-mail subscriber list from affected system...
Joomla com_jtagmembersdirectory Component Arbitrary File Download (CVE-2018-6008)
An Arbitrary File Download vulnerability exists in Joomla comjtagmembersdirectory Component. Successful exploitation of this vulnerability would allow a remote attacker to download arbitrary files from affected system...
Microsoft Windows EOT Font Engine Information Disclosure (CVE-2018-0761)
An information disclosure vulnerability has been reported in the EOT component of Microsoft Windows operating systems. The vulnerability is due to improper handling of objects in the Windows EOT Font Engine. A remote attacker could exploit this vulnerability by enticing a user to open specially...
uTorrent RPC Remote Code Execution
A remote code execution RCE vulnerability exists in uTorrent RPC. The vulnerability is due to lack of validation on requested RPC methods. A remote attacker can exploit this vulnerability to execute arbitrary code via a specially crafted RPC request...
Invoke-Mimikatz Memory Injection Credential Harvesting
Mimikatz is a post-exploitation tool used to perform cerdential harvesting on a Windows machine. An attacker can use Powershell in order to inject and run Mimikatz into the system's memory...
GrandSoft Exploit Kit Gate
GrandSoft exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Successful infection will allow the attacker to download additional malware to the target...
GrandSoft Exploit Kit Gate
GrandSoft exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Successful infection will allow the attacker to download additional malware to the target...
PDFium out-of-bounds read and integer overflow
An out-of-bounds and integer overflow vulnerabilities exists in PDFium. The vulnerabilities is due to an error in parsing a malformed PDF document. Successful exploitation could result in sensitive data exposure and memory corruption...
Google Chrome Runtime_RegExpReplace Integer overflow
An integer overflow vulnerability exists in Google Chrome. The vulnerability is due to lack of input validation when Google Chrome handles huge number of integers in memory. Successful exploitation of this vulnerability can result in Heap overflow...
GrandSoft Exploit Kit Landing Page
GrandSoft exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Successful infection will allow the attacker to download additional malware to the target...
Microsoft Windows EOT Font Engine Information Disclosure (CVE-2018-0855)
An information disclosure vulnerability exists in the EOT component of Microsoft Windows operating systems. The vulnerability is due to improper handling of objects in the Windows EOT Font Engine. A remote attacker could exploit this vulnerability by enticing a user to open specially crafted...
Multiple Netgear Routers Information Disclosure
An information disclosure vulnerability exists in multiple Netgear routers. Successful exploitation of this vulnerability would allow remote attackers to gain access to sensitive information and gain unauthorized access into the affected system...
Multiple Netgear Routers Command Injection
A command injection vulnerability exists in multiple Netgear routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0770)
A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to the way the scripting engine handles objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...
Jenkins CI Unauthenticated Remote Code Execution (CVE-2017-1000353)
A command Injection vulnerability exist in Jenkins. The vulnerability is due to lack of serialized object validation. Successful exploitation could allow an attacker to execute arbitrary code in the target machine...
SpookFlare Meterpreter Reverse Payloads Remote Code Execution
Certain evasion tools obfuscate scripts in order to circumvent inspection by security software. An attacker could use such evasion methods in order to execute arbitrary code on the target, using it to download and execute a malicious payload...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0838)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0837)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Scripting Engine Memory Corruption (CVE-2018-0858)
A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft StructuredQuery Remote Code Execution (CVE-2018-0825)
A remote code execution vulnerability exists in Microsoft StructuredQuery. The vulnerability is due to a failure of the software to properly handle objects in memory. A remote attacker can exploit this vulnerability by enticing a target victim to open a specially crafted file...
Microsoft Browser Scripting Engine Memory Corruption (CVE-2018-0840)
A memory corruption vulnerability exists in Microsoft Browser. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Common Log File System Driver Elevation Of Privilege (CVE-2018-0846)
A vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0835)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0834)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Kernel Elevation of Privilege (CVE-2018-0756)
A vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Adobe Acrobat and Reader Use After Free (APSB18-02: CVE-2018-4911)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Use After Free (APSB18-02: CVE-2018-4913)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Use After Free (APSB18-02: CVE-2018-4888)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Use After Free (APSB18-02: CVE-2018-4902)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-bounds read (APSB18-02: CVE-2018-4894)
A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Adobe Acrobat and Reader Out-of-bounds read (APSB18-02: CVE-2018-4909)
A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...