6867 matches found
Microsoft Windows Graphics CVE-2017-0001 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code within the context of the kernel privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows and Edge CVE-2016-3319 Remote Code Execution Vulnerability
Description Microsoft Windows and Edge are prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affecte...
Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability
Description Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The...
Microsoft ASP.NET Core CVE-2020-0602 Denial of Service Vulnerability
Description Microsoft ASP.NET Core is prone to a remote denial of service vulnerability. An attacker can exploit this issue to cause a denial of service condition. Technologies Affected Microsoft ASP.NET Core 2.1 Microsoft ASP.NET Core 3.0 Microsoft ASP.NET Core 3.1 Recommendations Block external...
Linux Kernel CVE-2019-19332 Local Denial of Service Vulnerability
Description Linux Kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0.1 Linux kernel 2.0.10 Linux kernel 2.0.11 Linux kernel...
Linux Kernel Multiple Denial of Service Vulnerabilities
Description Linux Kernel is prone to multiple denial-of-service vulnerabilities. Local attackers can exploit these issues to cause denial-of-service conditions. Linux Kernel versions prior to 5.2.9 are vulnerable. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0.1 Linux kernel 2.0.10 Lin...
Apache POI CVE-2019-12415 XML External Entity Information Disclosure Vulnerability
Description Apache POI is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may lead to further attacks. Apache POI version 4.1.0 and prior are vulnerable. Technologies Affected Apache POI 0.1 Apache POI 0.10.0 Apache...
Sophos Cyberoam Firewall CVE-2019-17059 Remote Code Execution Vulnerability
Description Sophos Cyberoam Firewall is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Sophos CyberoamOS 10.6.6 MR-5 and prior are vulnerable. Technologies Affected Sophos CyberoamOS 10.6.6...
Samba CVE-2019-10197 Privilege Escalation Vulnerability
Description Samba is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. This issue has been fixed in Samba 4.9.13, 4.10.8 and 4.11.0rc3. Technologies Affected IBM Watson Studio Local 1.2.3 Redhat Enterprise Linux 7 Redhat Enterprise Linu...
Microsoft Windows CVE-2018-8210 Arbitrary Code Execution Vulnerability
Description Microsoft Windows is prone to an arbitrary code-execution vulnerability. A local attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft...
Microsoft PowerPoint CVE-2017-8743 Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
Microsoft Internet Explorer and Edge CVE-2017-8750 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currentl...
Microsoft Exchange Server CVE-2017-8559 Remote Privilege Escalation Vulnerability
Description Microsoft Exchange Server is prone to a remote privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Exchange Server 2013 Cumulative Update 16 Microsoft Exchange Server 2013 SP1 Microsoft Exchange Server 2016...
Microsoft Office CVE-2017-8509 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Office CVE-2016-3313 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...
Microsoft Windows GDI+ CVE-2015-1671 TrueType Font Handling Remote Code Execution Vulnerability
Description Microsoft Windows GDI+ is prone to a remote code-execution vulnerability. Successful exploits can allow attackers to execute arbitrary code with kernel-level privileges. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected Avaya CallPilot 4.0 Avay...
Apple Xcode CVE-2019-8840 Arbitrary Code Execution Vulnerability
Description Apple Xcode is prone to an arbitrary code-execution vulnerability. Attackers can leverage this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts may result in a denial-of-service condition. Versions prior to Xcode 11.3 are...
Openssl CVE-2019-1551 Integer Overflow Vulnerability
Description Openssl is prone to an integer-overflow vulnerability. An attacker can exploit this issue to perform unauthorized actions; this may aid in launching further attacks. OpenSSL versions 1.1.1 and 1.0.2 are vulnerable. Technologies Affected OpenSSL Project OpenSSL 1.0.2 OpenSSL Project...
ISC BIND CVE-2019-6477 Remote Denial of Service Vulnerability
Description ISC BIND is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected ISC Bind 9.11.0 ISC Bind 9.11.2 ISC Bind 9.11.3 ISC Bind 9.11.4 ISC Bind 9.11.5 ISC Bind 9.11.6 ISC Bind 9.11.7 ISC Bind 9.11...
Oracle Banking Digital Experience CVE-2019-3019 Remote Security Vulnerability
Description Oracle Banking Digital Experience is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Loan Calculator' component is affected. This vulnerability affects the following supported versions: 18.1, 18.2, 18.3, 19.1 Technologies...
Microsoft Windows CVE-2019-1347 Denial of Service Vulnerability
Description Microsoft Windows is prone to a denial of service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...
Microsoft Windows 'HTTP.sys' CVE-2019-9511 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected system to become unresponsive, resulting in a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems...
Eclipse Jetty CVE-2019-10241 Cross Site Scripting Vulnerability
Description Eclipse Jetty is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow...
Microsoft Internet Explorer and Edge CVE-2017-8741 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currentl...
OS Command Injection in Security Analytics
Summary The Symantec Security Analytics web UI is susceptible to an OS command injection vulnerability. A remote unauthenticated attacker, who has access to the Security Analytics web UI, can execute arbitrary OS commands on the target with elevated privileges. Affected Products The following...
Adobe Experience Manager APSB19-48 Multiple Security Vulnerabilities
Description Adobe Experience Manager is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary script code in the context of the affected website. This may allow the attacker to steal cookie-based authentication credentials, to gain access to sensitive...
Oracle Java SE/Java SE Embedded CVE-2019-2992 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the '2D' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13; Java SE...
FasterXML Jackson-databind CVE-2019-17531 Remote Code Execution Vulnerability
Description FasterXML Jackson-databind is prone to a remote-code execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. FasterXML jackson-databi...
Microsoft Windows Remote Desktop Services CVE-2019-1182 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected system. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for...
Microsoft Internet Explorer Scripting Engine CVE-2019-0988 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Internet...
Microsoft Azure DevOps Server CVE-2019-0996 Spoofing Vulnerability
Description Microsoft Azure DevOps Server is prone to a spoofing vulnerability. An attacker can exploit this issue to conduct spoofing attacks and to bypass certain security restrictions and perform unauthorized actions. This may lead to other attacks. Technologies Affected Microsoft Azure DevOps...
Microsoft Office SharePoint CVE-2019-0778 Cross Site Scripting Vulnerability
Description Microsoft Office SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
Microsoft Windows JET Database Engine CVE-2019-0597 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft COM for Windows CVE-2018-8349 Remote Code Execution Vulnerability
Description Microsoft COM for Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows ...
Microsoft Internet Explorer Scripting Engine CVE-2017-11906 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Internet Explorer 9, 10 and 11 are vulnerable. Technologies Affected Microsoft Internet Explorer 1...
Microsoft Internet Explorer Scripting Engine CVE-2017-11903 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 9, 10 and 11 are...
Symantec Encryption Desktop DoS
SUMMARY Symantec has released an update to address an issue in the Symantec Encryption Desktop product. AFFECTED PRODUCTS Symantec Encryption Desktop SED --- CVE | Affected Versions | Remediation CVE-2017-6330 | Prior to 10.4.1MP2 | Upgrade to 10.4.1MP2 ISSUES CVE-2017-6330 --- Severity/CVSSv3: |...
Microsoft Windows Explorer CVE-2017-8463 Remote Code Execution Vulnerability
Description Microsoft Windows Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10...
Microsoft Windows HelpPane CVE-2017-0100 Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a privilege-escalation vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of another user's session. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 160...
Microsoft Windows Graphics Component CVE-2016-7272 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10...
Microsoft Windows PDF Library CVE-2016-0058 Buffer Overflow Vulnerability
Description Microsoft Windows PDF library is prone to a buffer-overflow vulnerability because it fails to adequately bounds check user-supplied data before copying it to an insufficiently sized memory buffer.. An attacker can leverage this issue to execute arbitrary code in the context of the...
Microsoft Internet Explorer CVE-2015-6051 Remote Privilege Escalation Vulnerability
Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 10 and 11 are vulnerable. Technologies Affected Microsoft Internet...
Microsoft Office CVE-2015-2545 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Windows CVE-2015-1644 Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain admin privileges on a targeted system. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya CallPilot 5.0.1 Avaya CallPilot 5.1.0...
FasterXML Jackson-databind CVE-2019-14540 Information Disclosure Vulnerability
Description FasterXML Jackson-databind is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. FasterXML jackson-databind versions prior to 2.9.10 are vulnerable. Technologies Affected FasterXML...
SQLite Multiple Security Vulnerabilities
Description SQLite is prone to the following security vulnerabilities. 1. Multiple denial-of-service vulnerabilities 2. Multiple security vulnerabilities An attacker can exploit these issues to cause denial-of-service conditions. SQLite version 3.30.1 is vulnerable. Technologies Affected Redhat...
Cisco IOS and IOS XE Software CVE-2019-16009 Cross Site Request Forgery Vulnerability
Description Cisco IOS and IOS XE Software are prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. This issue is being tracked by...
Google Android Kernel Component CVE-2020-0009 Local Privilege Escalation Vulnerability
Description Google Android is prone to a local privilege escalation vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of a privileged process. This issue is being tracked by Android Bug ID A-142938932. Technologies Affected Google Android Recommendations...
Linux kernel CVE-2019-19319 Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel 5.0.21 is vulnerable. Technologies Affected Linux kernel 5.0.21 Recommendations Permit local access for trusted individuals only. Where...
Microsoft Windows CVE-2019-1340 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the affected system. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for...