293 matches found
SRC-2018-0029 : Microsoft Windows Jet Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...
SRC-2016-0000 : ATutor LMS login_functions.inc.php Password Hash Usage Authentication Bypass Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to bypass authentication on vulnerable installations of ATutor. User interaction is not required to exploit this vulnerability. The specific flaw exists within the handling of challenges for authentication. The implementation of th...
SRC-2019-0061 : Adobe Photoshop CC ASCII85Decode filter Heap Buffer Overflow Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Photoshop CC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...
SRC-2019-0039 : Cisco Prime Infrastructure SampleFileDownloadServlet Directory Traversal Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Cisco Prime Infrastructure. Authentication is required to exploit this vulnerability. The specific flaw exists within the SampleFileDownloadServlet servlet. The issue...
SRC-2019-0013 : Windows Jet Database Engine TblPage CreateColumns Out-Of-Bounds Read Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...
SRC-2019-0014 : Oracle Application Testing Suite UploadServlet External Entity Injection Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Oracle Application Testing Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UploadServlet servlet. Due to the...
SRC-2017-0005 : Nitro PDF Pro Doc.saveAs and App.launchURL Remote Code Execution Vulnerabilities
Vulnerability Details: These vulnerabilities allow remote attackers to execute arbitrary code on vulnerable installations of Nitro PDF Reader and Nitro PDF Reader Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious fil...
SRC-2020-0020 : Microsoft SharePoint Server ExchangeAutodiscover GetDataFromURL Blind Server-Side Request Forgery Tampering Vulnerability
Vulnerability Details: This vulnerability allows remote attackers escalate privileges under certain conditions. Authentication is required to exploit this vulnerability. The specific flaw exists within the GetFreeBusyStatusForOneUser function inside of the AsynchronousWebPartService class. The...
SRC-2017-0002 : Adobe Acrobat Pro DC ImageConversion TIFF Parsing Use-After-Free Read Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2017-0021 : Hewlett Packard Enterprise Intelligent Management Center selViewNavContent Expression Language Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...
SRC-2020-0007 : Cisco Data Center Network Manager SystemFileDAO deleteFile Directory Traversal Denial of Service Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
SRC-2019-0079 : Adobe Acrobat Pro DC Type PostScript File Out-of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
SRC-2019-0064 : Adobe Photoshop CC Type 2 Font Charstring error Type Confusion Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Photoshop CC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...
SRC-2019-0067 : Adobe Acrobat Pro DC Type 2 Charstring put Out-of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
SRC-2019-0015 : Oracle Application Testing Suite ActionServlet processFileUpload Directory Traversal Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Application Testing Suite. Authentication is required to exploit this vulnerability. The specific flaw exists within the ActionServlet servlet's processFileUpload...
SRC-2019-0042 : Hewlett Packard Enterprise Intelligent Management Center ForwardRedirect Expression Language Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...
SRC-2019-0056 : Hewlett Packard Enterprise Intelligent Management Center imcrs ConfFileResource renameFile Directory Traversal Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...
SRC-2020-0021 : Microsoft SharePoint Server SPHashtagHelper MakeOLSGetRequest Server-Side Request Forgery Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers disclose information and/or escalate privileges under certain conditions. Authentication is required to exploit this vulnerability. The specific flaw exists within the CallOLS function inside of the SPHashtagStoreManager class. The...
SRC-2019-0059 : Adobe Photoshop CC Type 1 Font FontInfo dictionary Type Confusion Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Photoshop CC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...
SRC-2019-0075 : Adobe Acrobat Pro DC Type 2 Charstring put Integer Overflow Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
SRC-2019-0023 : Adobe Acrobat Pro DC Distiller PostScript File Parsing dvips TeXDict Type Confusion Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2019-0021 : Adobe Acrobat Pro DC Distiller PostScript File Parsing Use-After-free Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2019-0005 : Foxit Reader SDK ActiveX Pro createDataObject File Write Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader SDK ActiveX Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
SRC-2019-0046 : Hewlett Packard Intelligent Management Center Standard AirWaveApConvergedDaoImpl readListBySql SQL Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...
SRC-2017-0006 : Adobe Digital Editions ePub Container File External Entity Processing Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Digital Editions. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specif...
SRC-2016-0042 : Microsoft Office Word OneTableDocumentStream Integer Underflow Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose information on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2016-0038 : Microsoft Office Excel EOF Record Type Confusion Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2016-0021 : Microsoft Office Excel BIFFRecord Length Out-of-Bounds Read Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2016-0035 : Microsoft Internet Explorer HyperlinkString Out-of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose information on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...
SRC-2016-0024 : Oracle Knowledge Management Castor Library XML External Entity Injection Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose arbitrary file contents on vulnerable installations of Oracle Knowledge Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within the TestClient.jsp script using the...
SRC-2019-0080 : Adobe Acrobat Pro DC Type PostScript File Type Confusion Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2019-0022 : Adobe Acrobat Pro DC Distiller DCTDecode JPEG parsing SOS Marker Out-of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
SRC-2018-0022 : Adobe Acrobat Pro DC HTML2PDF HTML Parsing window getMatchedCSSRules Use-After-Free Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2019-0016 : Adobe Acrobat Pro DC Distiller PostScript File Parsing TBuildCharDict grestore Use-After-Free Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2017-0003 : Adobe Acrobat Pro DC ImageConversion EMF Parsing iType Out-Of-Bounds Read Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2016-0043 : Microsoft Office Word Array Indexing Out-Of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose information on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2016-0036 : Microsoft Office Excel Binary Worksheet Use-After-Free Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2016-0039 : Microsoft Windows PDF Library PostScript Calculator Out-of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of the Microsoft Windows PDF Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file...
SRC-2020-0029 : Microsoft SharePoint Server DataFormParameter ParameterBinding Elevation of Privilege Vulnerability
Vulnerability Details: This vulnerability allows remote attackers escalate privileges on affected installations of Microsoft SharePoint Server when form based authentication is enabled. Authentication is required to exploit this vulnerability. The specific flaw exists within the Evaluate function...
SRC-2019-0076 : Adobe Acrobat Pro DC Type 2 Charstring put Out-of-Bounds Write Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2019-0008 : Foxit Reader SDK ActiveX Link Launch Action Command Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader SDK ActiveX Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
SRC-2018-0024 : Adobe Flash Player SWF Parsing Out-of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
SRC-2018-0027 : Foxit Reader DataView Uninitialized Object Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2016-0037 : Microsoft Office Excel Binary Worksheet Use-After-Free Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2017-0013 : Hewlett Packard Enterprise Intelligent Management Center eventInfo_content Expression Language Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...
SRC-2021-0003 : Microsoft SharePoint Server SPSqlDataSource Information Disclosure Vulnerability (patch bypass)
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on affected installations of SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the SPSqlDataSource class. The issue results from the lack ...
SRC-2020-00 : Foxit Reader XObject Stream Uninitialized Object Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...
SRC-2019-0058 : Adobe Photoshop CC Type 2 Font Charstring callothersubr Type Confusion Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Photoshop CC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...
SRC-2019-0062 : Adobe Photoshop CC ASCII85Decode filter Heap Buffer Overflow Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Photoshop CC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...
SRC-2019-0068 : Adobe Acrobat Pro DC Type 2 Charstring put Out-of-Bounds Write Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...