6867 matches found
Microsoft Office CVE-2018-8310 Security Bypass Vulnerability
Description Microsoft Office is prone to a security bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions; this may aid in launching further attacks. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2...
Microsoft Internet Explorer CVE-2017-0226 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 11 and 10 are...
Oracle Java Runtime Environment CVE-2013-0422 Multiple Remote Code Execution Vulnerabilities
Description Oracle Java Runtime Environment is prone to multiple remote code execution vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the application. Versions prior to Oracle JRE 1.7.0 Update 11 are vulnerable. Technologies Affected CentOS CentO...
Atlassian FishEye and Crucible CVE-2019-15009 Unauthorized Access Vulnerability
Description Atlassian FishEye and Crucible are prone to an unauthorized-access vulnerability. Attackers can exploit this issue to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. Versions prior to FishEye and Crucible 4.8.0 are vulnerable. Technologies...
Trend Micro OfficeScan CVE-2019-18187 Directory Traversal Vulnerability
Description Trend Micro OfficeScan is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue using directory-traversal characters '../' to access or read arbitrary files that contain sensitive information or t...
JSS CryptoManager CVE-2019-14823 Security Bypass Vulnerability
...
Microsoft Windows CVE-2019-1336 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code in the security context of the local system. Technologies Affected Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10...
Microsoft Internet Explorer Scripting Engine CVE-2019-1367 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Internet...
Microsoft Excel CVE-2019-1110 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Visual Studio CVE-2019-1079 XML External Entity Information Disclosure Vulnerability
Description Microsoft Visual Studio is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Visual Studio 2010 SP1 Microsoft Visual Studio 2012 Update 5 Microsoft Visual...
Microsoft Windows 'DirectWrite' API CVE-2019-1093 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Windows JET Database Engine CVE-2019-0905 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Word CVE-2019-1035 Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Windows GDI Component CVE-2019-0968 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems...
Microsoft Word CVE-2019-0953 Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Windows Kernel CVE-2019-0881 Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based...
Linux kernel CVE-2019-19543 Use After Free Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Versions prior to Linux kernel 5.1.6 are vulnerable. Technologies Affected Linux kernel 2.6.0 Linux kernel 2.6.1 Linux kernel 2.6.10 Linux kernel 2.6.1...
Microsoft Windows SMB Server CVE-2019-0704 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Windows CVE-2019-0636 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...
Microsoft .NET Framework CVE-2018-0786 Security Bypass Vulnerability
Description Microsoft .NET Framework is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft .NET Framework 2.0 Microsoft .NET Framewo...
Apache Groovy CVE-2016-6814 Remote Code Execution Vulnerability
Description Apache Groovy is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Apache Groovy 2.4.4...
Microsoft Edge CVE-2016-7288 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...
Microsoft Windows Graphics Component CVE-2016-3209 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft .NET Framework 3.0 SP2 Microsoft .NET Framework 3.5 Microsoft .NET Framewo...
Microsoft Word CVE-2014-1761 Remote Memory Corruption Vulnerability
Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Oracle Java SE/Java SE Embedded CVE-2020-2590 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over 'Kerberos' protocol. This issue affects the 'Security' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5, 13.0....
Microsoft Windows RPCSS CVE-2019-1089 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based System...
Microsoft Skype for Business and Lync Server CVE-2019-1029 Denial of Service Vulnerability
Description Microsoft Skype for Business and Lync Server are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the target service to stop responding, denying service to legitimate users. Technologies Affected Microsoft Lync Server 2010 Microsoft Lync...
Microsoft Windows Win32k CVE-2019-0892 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10...
Microsoft Windows SMB Server CVE-2019-0786 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Window...
Microsoft Internet Explorer Scripting Engine CVE-2018-8653 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 9, 10 and 11 are...
Microsoft Windows Graphics Component CVE-2017-8682 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file or webpage. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed explo...
Microsoft Office CVE-2017-0003 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
Microsoft Office CVE-2016-7290 Information Disclosure Vulnerability
Description Microsoft Office is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 Service Pack 2 32-bit editions Microsoft Office 2010 Service Pack 2 64-bi...
Reliable Controls MACH-ProWebCom/Sys CVE-2019-18249 Cross Site Scripting Vulnerability
Description Reliable Controls MACH-ProWebCom/Sys are prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Oracle JDeveloper and ADF CVE-2019-2904 Remote Security Vulnerability
Description Oracle JDeveloper and ADF are prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'ADF Faces' package is affected. This vulnerability affects the following supported versions: 11.1.1.9.0, 12.1.3.0.0, 12.2.1.3.0 Technologies Affect...
Microsoft Windows Win32k CVE-2019-1362 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Syste...
Microsoft Windows GDI Component CVE-2019-1099 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems...
Microsoft Windows LSASS CVE-2019-0972 Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial of service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microso...
Microsoft Office Access Connectivity Engine CVE-2019-0945 Remote Code Execution Vulnerability
Description Microsoft Office Access Connectivity Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Office 2010 Service Pack 2 32-bit editions Microsoft Office...
Atlassian JIRA CVE-2019-3403 Information Disclosure Vulnerability
Description Atlassian JIRA is prone to an information-disclosure vulnerability. Successful exploits of this issue lead to the disclosure of sensitive information which may aid in launching further attacks. Jira versions prior to 7.13.3, 8.0.0 through and prior to 8.0.4 and 8.1.0 through and prior...
Microsoft Edge Chakra Scripting Engine CVE-2019-0639 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows Kernel CVE-2018-8611 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based...
Apache Tomcat Vulnerabilities Jan-Aug 2018
SUMMARY Symantec Network Protection products using affected versions of Apache Tomcat are susceptible to multiple security vulnerabilities. A remote attacker, with access to the management interface, can gain unauthorized access to a web application resource or cause denial of service in the Tomc...
SA154: Apache httpd Vulnerabilities June 2017
SUMMARY Symantec Network Protection products using affected versions of Apache httpd are susceptible to multiple security vulnerabilities. A remote attacker, with access to the management interface, can cause denial of service through application crashes or bypass required authentication. AFFECTE...
SA103 : October 2015 NTP Security Vulnerabilities
SUMMARY Blue Coat products using affected 4.2 versions of the NTP software distribution from ntp.org are susceptible to multiple vulnerabilities. A remote attacker may exploit these vulnerabilities to cause denial of service due to application crashes, memory corruption and memory depletion. The...
Microsoft Windows CVE-2014-6332 OLE Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code and gain elevated privileges in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions...
Adobe Acrobat and Reader PDF File Handling JBIG2 Image Remote Code Execution Vulnerability
Description Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application or crash the application, denying service to legitimate users. The issue affects Reader and...
Apache Thrift CVE-2019-0205 Denial of Service Vulnerability
Description Apache Thrift is prone to a denial-of-service vulnerability. Attackers may leverage this issue to cause the application enter into endless loop, denying service to legitimate users. Apache Thrift version 0.12.0 and prior are vulnerable. Technologies Affected Apache Thrift 0.10.0 Apach...
Oracle Java SE/Java SE Embedded CVE-2019-2981 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'JAXP' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13; Java S...
Microsoft Team Foundation Server CVE-2019-1076 Cross Site Scripting Vulnerability
Description Microsoft Team Foundation Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...