1634 matches found
Pulse Connect Secure Code Injection Vulnerability
A code injection vulnerability exists in Pulse Connect Secure that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface...
Adobe BlazeDS Information Disclosure Vulnerability
Adobe BlazeDS, which is utilized in LifeCycle and Coldfusion, contains a vulnerability that allows for information disclosure...
VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability
VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure...
NETGEAR DGN2200 Remote Code Execution Vulnerability
NETGEAR DGN2200 wireless routers contain a vulnerability that allows for remote code execution...
Adobe ColdFusion Directory Traversal Vulnerability
Adobe Coldfusion contains a directory traversal vulnerability, which could permit an unauthorized user access to restricted directories...
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...
Apache Tomcat Improper Privilege Management Vulnerability
Apache Tomcat treats Apache JServ Protocol AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited...
Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability
Format string vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code with elevated privileges o...
Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service DoS...
Microsoft Malware Protection Engine Improper Restriction of Operations Vulnerability
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft...
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol SNMP subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code...
Cisco IOS Software and Cisco IOS XE Software Denial-of-Service Vulnerability
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in denial-of-service DoS...
Cisco IOS and IOS XE Software Internet Key Exchange Denial-of-Service Vulnerability
A vulnerability in the Internet Key Exchange Version 2 IKEv2 module of Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service...
Cisco IOS XE Software Ethernet Virtual Private Network Border Gateway Protocol Denial-of-Service Vulnerability
A vulnerability in the Border Gateway Protocol BGP over an Ethernet Virtual Private Network EVPN for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service DoS condition, or potentially corrupt the BGP routing table,...
Microsoft Office Use-After-Free Vulnerability
Microsoft Office contains a use-after-free vulnerability which can allow for remote code execution...
Adobe Flash Player Use-After-Free Vulnerability
Use-after-free vulnerability in Adobe Flash Player Windows and OS and Linux allows remote attackers to execute arbitrary code...
Microsoft Office Memory Corruption Vulnerability
Microsoft Office contains a memory corruption vulnerability that allows remote attackers to execute arbitrary code via a crafted document...
Adobe Reader and Acrobat Use-After-Free Vulnerability
Adobe Reader and Acrobat contain a use-after-free vulnerability which can allow for code execution...
Microsoft Excel Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Excel when the software fails to properly handle objects in memory...
Microsoft Exchange Server Privilege Escalation Vulnerability
A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server...
Cisco IOS Software and Cisco IOS XE Software Improper Input Validation Vulnerability
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service DoS...
Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 DHCPv4 packets can allow for denial-of-service DoS...
Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability
There is a buffer overflow vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software which could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code...
Cisco IOS Software and Cisco IOS XE Software Smart Install Denial-of-Service Vulnerability
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial-of-service DoS condition...
Cisco IOS and XE Software Internet Key Exchange Memory Leak Vulnerability
A vulnerability in the implementation of Internet Key Exchange Version 1 IKEv1 functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service DoS condition...
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol SNMP subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload...
Cisco Catalyst 6800 Series Switches VPLS Denial-of-Service Vulnerability
A vulnerability in the Virtual Private LAN Service VPLS code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service...
Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability
A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol PN-DCP for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service...
Microsoft Office Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user...
Microsoft Office Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands...
Oracle Java SE Integrity Check Vulnerability
Unspecified vulnerability in Oracle Java SE allows remote attackers to affect integrity via Unknown vectors related to deployment...
Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability
An unspecified vulnerability exists within Oracle Java Runtime Environment that allows an attacker to perform remote code execution...
Microsoft PowerPoint Memory Corruption Vulnerability
Microsoft PowerPoint allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document...
Microsoft Windows Kernel Privilege Escalation Vulnerability
Microsoft Windows NDProxy.sys in the kernel contains an improper input validation vulnerability which can allow a local attacker to escalate privileges...
Microsoft Internet Explorer Remote Code Execution Vulnerability
This vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer...
Microsoft Office MSCOMCTL.OCX Remote Code Execution Vulnerability
The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted 1 document or 2 web page that triggers system-state corruption...
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...
Microsoft Windows Installer Privilege Escalation Vulnerability
Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation...
ChakraCore Scripting Engine Type Confusion Vulnerability
The ChakraCore scripting engine contains a type confusion vulnerability which can allow for remote code execution...
Cisco IOS Software Denial-of-Service Vulnerability
A vulnerability in the Login Enhancements Login Block feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service DoS condition...
Cisco IOS Software and Cisco IOS XE Software Quality of Service Remote Code Execution Vulnerability
A vulnerability in the quality of service QoS subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with elevated privileges...
Cisco IOS Software Integrated Services Module for VPN Denial-of-Service Vulnerability
A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN ISM-VPN running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service DoS condition...
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol SNMP subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code...
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol SNMP subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code...
Cisco IOS Software and Cisco IOS XE Software UDP Packet Processing Denial-of-Service Vulnerability
A vulnerability in the UDP processing code of Cisco IOS and IOS XE could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and denial of service...
Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability
The Dynamic Host Configuration Protocol DHCP relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system...
Cisco IOS Software for Cisco Integrated Services Routers Denial-of-Service Vulnerability
A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 ISR G2 Routers running Cisco IOS could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service...