Microsoft Internet Information Services CVE-2014-8985 Security Bypass Vulnerability

Description Microsoft Internet Information Services is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and gain unauthorized access; this may aid in launching further attacks. Note: This issue was previously titled 'Microsoft...

Linux Kernel CVE-2019-5108 Denial of Service Vulnerability

Description Linux Kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Versions prior to Linux kernel 5.3 are vulnerable. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0.1 Linux kernel 2.0.10 Linux kernel 2.0.11...

PHP CVE-2019-11043 Remote Code Execution Vulnerability

Description PHP is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected PHP PHP 7.0 PHP...

Microsoft .NET Framework CVE-2018-8421 Remote Code Execution Vulnerability

Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected system. Failed exploit attempts will result in denial-of-service conditions. Technologies Affected Microsoft .NET...

Microsoft Office CVE-2018-0802 Memory Corruption Vulnerability

Description Microsoft Office is prone to a memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

Microsoft Windows SMB Server CVE-2017-0143 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...

Microsoft IIS FTP Service CVE-2012-2532 Remote Command Injection Vulnerability

Description Microsoft IIS is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data. Remote attackers can exploit this issue to execute arbitrary commands with the privileges of the application; this may disclose sensitive information...

Webkit CVE-2019-8835 Memory Corruption Vulnerability

Description Webkit prone to a memory corruption vulnerability. A remote attacker can leverage this issue to execute arbitrary code in the context of the user running the application. Technologies Affected Apple Ipad Mini- Apple Safari 1.1.0 Apple Safari 1.1.1 Apple Safari 1.2.0 Apple Safari 1.2.1...

Microsoft Windows SMB Server CVE-2017-0145 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...

Microsoft Office CVE-2017-8570 Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

Microsoft SharePoint Server CVE-2019-0604 Remote Code Execution Vulnerability

Description Microsoft SharePoint Server is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft SharePoint Enterprise Server 2016...

Git CVE-2019-19604 Arbitrary Code Execution Vulnerability

Description Git is prone to an arbitrary code-execution vulnerability. A remote attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed attempts will likely cause a denial-of-service condition. Git versions prior to 2.20.2, 2.21.x through and...

Microsoft Internet Explorer VBScript Engine CVE-2018-8174 Arbitrary Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to an unspecified arbitrary code-execution vulnerability. Attackers can exploit this vulnerability to execute arbitrary code in the context of the affected application. Note: This issue was previously titled 'Microsoft Internet Explorer Unspecified...

Microsoft Windows SMB Server CVE-2017-0144 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...

Microsoft .NET Framework CVE-2020-0646 Remote Code Execution Vulnerability

Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

Microsoft Windows IIS Server CVE-2019-1365 Remote Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks may cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-b...

OpenSSH CVE-2019-16905 Integer Overflow Vulnerability

Description OpenSSH is prone to an integer overflow vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. OpenSSH versions 7.7 through 7.9 and 8.x prior to...

Microsoft Excel CVE-2011-0098 Heap Based Buffer Overflow Vulnerability

Description Microsoft Excel is prone to a heap-based buffer-overflow vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running t...

Microsoft IIS Authentication Remote Code Execution Vulnerability

Description Microsoft IIS is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. This issue affects IIS 6.0, 7.0 and 7.5...

Microsoft IIS CVE-2012-2531 Password Information Disclosure Vulnerability

Description Microsoft IIS is prone to an information-disclosure vulnerability. An attacker can exploit this vulnerability to obtain sensitive information that may lead to further attacks. Technologies Affected Avaya Conferencing Standard Edition 6.0.1 Microsoft IIS 7.5 Microsoft Windows 7 for...

WebKit CVE-2019-8846 Arbitrary Code Execution Vulnerability

Description WebKit is prone to an arbitrary-code execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected Apple Safari 1.0.0 Apple...

Adobe Acrobat and Reader Collab 'getIcon()' JavaScript Method Remote Code Execution Vulnerability

Description Adobe Acrobat and Reader are prone to a remote code-execution vulnerability because the software fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application or crash the...

Symantec Security Advisory for Log4j Vulnerability

Summary Symantec products may be susceptible to a flaw in the Apache Log4j 2 library JNDI lookup mechanism. A remote attacker, who can trigger Log4j to log crafted malicious strings, can execute arbitrary code on the target system. Affected Products The following products and product versions are...

Microsoft Internet Explorer Table Element Use After Free Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

Microsoft Internet Explorer 'EMBED' Tag Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...

Microsoft Charts ActiveX Control Memory Corruption Vulnerability

Description Microsoft Charts ActiveX control is prone to a remote memory-corruption vulnerability. Remote attackers can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control typically Internet Explorer. Successful exploits will compromise the...

Microsoft Office CVE-2017-11882 Memory Corruption Vulnerability

Description Microsoft Office is prone to a memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

Cisco AnyConnect Secure Mobility Client CVE-2019-16007 Remote Security Bypass Vulnerability

Description Cisco AnyConnect Secure Mobility Client is prone to a remote security-bypass vulnerability. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvr67149...

Adobe Brackets CVE-2019-8255 Unspecified Command Injection Vulnerability

Description Adobe Brackets is prone to an unspecified command-injection vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts may cause a denial-of-service condition. Brackets 1.14 and...

Microsoft Windows RPC CVE-2017-11885 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...

Symfony CVE-2019-18889 Multiple Remote Code Execution Vulnerabilities

Description Symfony is prone to multiple remote code-execution vulnerabilities. Successfully exploiting these issues may result in the execution of arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Symfony versio...

Microsoft Exchange CVE-2019-0586 Remote Memory Corruption Vulnerability

Description Microsoft Exchange is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Exchange Server...

Microsoft Windows SMB Server CVE-2017-0146 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...

Apache Tomcat CVE-2019-0232 Remote Code Execution Vulnerability

Description Apache Tomcat is prone to a remote code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Apache Tomcat version 9.0.0.M1 through 9.0.17, 8.5.0 through 8.5.39 and 7.0.0 through 7.0.93 are...

Microsoft Visual Studio CVE-2018-8172 Remote Code Execution Vulnerability

Description Microsoft Visual Studio is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the current-user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

phpMyAdmin 'setup.php' PHP Code Injection Vulnerability

Description phpMyAdmin is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary malicious PHP code in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks...

Apache HTTP Server CVE-2019-0211 Local Privilege Escalation Vulnerability

Description Apache HTTP Server is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on the affected application. Apache HTTP Server versions 2.4.38, 2.4.37, 2.4.35, 2.4.34, 2.4.33, 2.4.30, 2.4.29, 2.4.28, 2.4.27, 2.4.26, 2.4.25,...

Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8120 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1...

Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability

Description Multiple CPU Hardware are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected AMD FXtm-8320 Eight-Core Processor AMD PRO A8-9600 R7, 10 COMPUTE CORES 4C+6G ARM Cortex...

Microsoft Windows Win32k CVE-2019-0797 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1607...

Microsoft Exchange Server CVE-2018-8581 Remote Privilege Escalation Vulnerability

Description Microsoft Exchange Server is prone to a remote privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Exchange Server 2010 Microsoft Exchange Server 2013 Microsoft Exchange Server 2016 Microsoft Exchange Server...

Microsoft ASP.NET Core CVE-2018-8171 Security Bypass Vulnerability

Description Microsoft ASP.NET Core is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft ASP.NET Core 1.0 Microsoft ASP.NET Core 1.1...

Adobe Flash Player CVE-2018-4878 Use After Free Remote Code Execution Vulnerability

Description Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Successf...

Microsoft Windows Remote Desktop Services CVE-2019-0708 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 7 for 32-bit...

Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8589 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1...

Microsoft Windows SMB Server CVE-2019-0633 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...

Microsoft Windows PowerShell CVE-2018-8256 Remote Code Execution Vulnerability

Description Microsoft Windows PowerShell is prone to a remote code-execution vulnerability. Successfully exploiting this issue may result in the execution of arbitrary code in the context of the affected system. Failed exploit attempts will likely result in denial-of-service conditions...

Microsoft .NET Framework CVE-2015-2504 Remote Privilege Escalation Vulnerability

Description Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges in the context of the currently logged-in user; this can also result in the attacker gaining complete control of the affected system...

Microsoft Windows DHCP Client CVE-2019-0547 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successfully exploiting this issue may result in the execution of arbitrary code in the context of the affected system. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affecte...

Microsoft Powershell CVE-2018-8415 Tampering Security Bypass Vulnerability

Description Microsoft Powershell is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft PowerShell Core 6.0.0 Microsoft PowerShell Core 6.1.0 Microsoft Windows 10...