6867 matches found
Microsoft Windows GDI Component CVE-2019-1095 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft ASP.NET Core CVE-2019-0981 Denial of Service Vulnerability
Description Microsoft ASP.NET Core is prone to a remote denial of service vulnerability. An attacker can exploit this issue to cause a denial of service condition. Technologies Affected Microsoft .NET Core 1.0 Microsoft .NET Core 1.1 Microsoft .NET Core 2.1 Microsoft .NET Core 2.2 Microsoft .NET...
Microsoft Windows JET Database Engine CVE-2019-0893 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows DHCP Client CVE-2019-0697 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successfully exploiting this issue may result in the execution of arbitrary code in the context of the affected system. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affecte...
Microsoft Windows 'HTTP.sys' CVE-2018-0956 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microso...
Microsoft Windows Graphics Component CVE-2017-8527 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file or webpage. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed explo...
Microsoft Windows Graphics CVE-2017-0005 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code within the context of the kernel privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Symantec Workspace Streaming and Workspace Virtualization Path Traversal and Arbitrary File Read
SUMMARY Symantec Workspace Streaming SWS and Workspace Virtualization SWV management consoles were susceptible to a path traversal in a file download configuration file that could allow a malicious user who could access the vulnerable file to view unauthorized application files of specific file...
PHP 'unserialize()' Denial of Service Vulnerability
Description PHP is prone to a denial-of-service vulnerability. Successful exploits may allow the attacker to cause denial-of-service condition. Technologies Affected PHP PHP 5.6.29 PHP PHP 7.0 PHP PHP 7.0.0 PHP PHP 7.0.0beta3 PHP PHP 7.0.1 PHP PHP 7.0.10 PHP PHP 7.0.11 PHP PHP 7.0.12 PHP PHP 7.0....
SA126 : OpenSSH Vulnerabilities January/April 2016
SUMMARY Blue Coat products that include a vulnerable version of OpenSSH are susceptible to two vulnerabilities. A malicious user with local shell access can escalate their privileges and execute arbitrary code with root privileges. A remote attacker acting as an SSH server can establish trusted X...
Oracle Java SE CVE-2013-5838 Remote Security Vulnerability
Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' sub-component. This vulnerability affects the following supported versions: Java SE 7u25, Java SE Embedded 7u25 Technologies...
Microsoft Internet Explorer CVE-2013-2551 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability due to a use-after-free condition. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the...
Oracle WebLogic Server CVE-2020-2550 Local Security Vulnerability
Description Oracle WebLogic Server is prone to a local security vulnerability. The 'WLS Core Components' component is affected. This vulnerability affects the following supported versions: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 Technologies Affected Oracle Weblogic Server 10.3.6.0.0 Oracl...
Oracle Java SE/Java SE Embedded/GraalVM CVE-2020-2604 Remote Security Vulnerability
Description Oracle Java SE/Java SE Embedded/GraalVM are prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Serialization' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0....
Linux kernel CVE-2019-19319 Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel 5.0.21 is vulnerable. Technologies Affected Linux kernel 5.0.21 Recommendations Permit local access for trusted individuals only. Where...
Oracle Java SE/Java SE Embedded CVE-2019-2988 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the '2D' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13; Java SE...
Microsoft Windows GDI Component CVE-2019-0977 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems...
Microsoft Windows SMB Server CVE-2017-0279 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Microsoft Windows SMB Server CVE-2017-0268 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
SA122 : SMB Vulnerabilities in Windows and Samba (Badlock)
SUMMARY Blue Coat products that include affected versions of Microsoft Windows and Samba are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to hijack connections to view and modify traffic, obtain unauthorized access to user passwords and other...
Microsoft Exchange Server CVE-2016-0030 Spoofing Vulnerability
Description Microsoft Exchange Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. The following versions are affected:...
Oracle Java SE CVE-2015-2590 Remote Security Vulnerability
Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' sub-component. This vulnerability affects the following supported versions: Java SE 6u95, Java SE 7u80, Java SE 8u45, Java SE...
Microsoft Windows CVE-2015-0014 Telnet Service Buffer Overflow Vulnerability
Description Microsoft Windows is prone to a remote buffer-overflow vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the server. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Avaya Aura Conferencing...
Microsoft ASP.NET SignalR CVE-2013-5042 Cross Site Scripting Vulnerability
Description Microsoft ASP.NET SignalR is prone to a cross-site scripting vulnerability because it fails to properly encode user input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This could allow...
Adobe Acrobat and Reader CVE-2013-0604 Remote Heap Based Buffer Overflow Vulnerability
Description Adobe Acrobat and Reader are prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Note...
SAP Basis Automated Note Search Tool CVE-2020-6307 Remote Authorization Bypass Vulnerability
Description SAP Basis is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP Automated Note Search Tool SAP Basis 7.00 SAP Basis 7.01 SAP Basis 7.0...
SQLite CVE-2019-16168 Denial of Service Vulnerability
Description SQLite is prone to a denial of service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. SQLite 3.29.0 and prior versions are vulnerable. Technologies Affected Oracle Communications Design Studio 7.3.4.3.0 Oracle Communications Design Studio...
Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
Description Mozilla Firefox and Firefox ESR are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions and bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks...
Microsoft SharePoint Server CVE-2019-1328 Spoofing Vulnerability
Description Microsoft SharePoint Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft...
Microsoft Windows 'DirectWrite' API CVE-2019-1117 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsof...
Microsoft Windows DHCP Server CVE-2019-0785 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code or cause the DHCP service to become nonresponsive. Technologies Affected Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows...
Microsoft Windows Audio Service CVE-2019-1087 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based System...
Microsoft Windows GDI+ Component CVE-2019-0903 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected...
Microsoft Windows JET Database Engine CVE-2019-0894 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows Kernel CVE-2019-0696 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based...
Microsoft Windows CVE-2019-0766 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows ...
Microsoft .NET Framework CVE-2018-8540 Remote Code Execution Vulnerability
Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected system. Failed exploit attempts will result in denial-of-service conditions. Technologies Affected Microsoft .NET...
OpenSSL CVE-2018-0734 Side Channel Attack Information Disclosure Vulnerability
Description OpenSSL is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information. This may aid in further attacks. Technologies Affected Bluecoat BCAAA 6.1 IBM AIX 5.3 IBM AIX 6.1 IBM AIX 7.1 IBM Aix 7.2 IBM DataPower Gateway...
cURL/libcURL CVE-2018-1000007 Information Disclosure Vulnerability
Description cURL/libcURL is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. curl 6.0 through 7.57.0 are vulnerable. Technologies Affected Haxx Curl 6.0 Haxx Curl 6.1 Haxx Curl 6.4 Haxx Cu...
SA119 : Multiple NSS Vulnerabilities
SUMMARY Blue Coat products that include affected versions of NSS are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to trigger arbitrary code execution. The attacker can also cause denial of service through application crashes and memory corruption...
Microsoft SharePoint CVE-2014-0251 Multiple Remote Code Execution Vulnerabilities
Description Microsoft SharePoint is prone to multiple remote code-execution vulnerabilities. An attacker can leverage these issues to execute arbitrary code in the context of the W3WP service account user. Technologies Affected Microsoft Office Web Apps 2010 SP1 Microsoft Office Web Apps 2010 SP2...
Adobe Acrobat and Reader U3D Memory Corruption Vulnerability
Description Adobe Acrobat and Reader are prone to a remote memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Technologies...
Microsoft Excel LABEL Record Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Successfully exploiting this issue allows attackers to corrupt process memory and to execute arbitrary code in the context of targeted users. Note that Microsoft Office applications include functionality to embed Offic...
SAP NetWeaver Internet Communication Manager CVE-2020-6304 Denial of Service Vulnerability
Description SAP Netweaver is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Technologies Affected SAP Internet Communication Manager ICM SAP NetWeaver 7.21 SAP NetWeaver 7.22 SAP NetWeaver 7.49 SAP NetWeaver 7.53 Recommendatio...
Apache Tomcat CVE-2019-17563 Session Fixation Vulnerability
Description Apache Tomcat is prone to a session-fixation vulnerability. An attacker can exploit this issue to hijack an arbitrary session and gain unauthorized access to the affected application. Apache Tomcat versions 9.0.0.M1 through 9.0.29 are vulnerable. Technologies Affected Apache Tomcat...
SAP NetWeaver Process Integration CVE-2019-0379 Authentication Bypass Vulnerability
Description SAP NetWeaver Process Integration is prone to an authentication-bypass vulnerability. Remote attackers can exploit this issue to bypass the authentication mechanism and gain unauthorized access. SAP NetWeaver Process Integration version 1.0 and 2.0 are vulnerable. Technologies Affecte...
Microsoft Windows CVE-2019-1082 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems...
Microsoft Windows Hyper-V CVE-2019-0620 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the host operating system. Failed exploit attempts will result in a denial of service condition. Technologies Affected Microsoft Hyper-V...
Microsoft Azure Active Directory Connect CVE-2019-1000 Remote Privilege Escalation Vulnerability
Description Microsoft Azure Active Directory Connect is prone to a remote privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsoft Azure Active Directory Connect 1.3.20.0...
Microsoft Excel CVE-2018-8379 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...