6867 matches found
Microsoft Windows Defender CVE-2013-3154 Local Privilege Escalation Vulnerability
Description Microsoft Windows Defender is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the LocalSystem account. Successfully exploiting this issue will result in the complete compromise of affected computer...
Internet Explorer CVE-2010-0249 'srcElement()' Remote Code Execution Vulnerability
Description Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the application and possibly the computer. Failed attacks will cause...
Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
Description Sun Java Runtime Environment and Java Development Kit are prone to multiple security vulnerabilities. Successful exploits may allow attackers to violate the same-origin policy, obtain sensitive information, bypass security restrictions, run untrusted applets with elevated privileges,...
Microsoft Windows CVE-2020-0635 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Window...
Microsoft Windows Remote Desktop Protocol CVE-2020-0609 Remote Code Execution Vulnerability
Description Microsoft Windows Remote Desktop Protocol is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies...
phpMyAdmin CVE-2019-19617 Multiple Information Disclosure Vulnerabilities
Description phpMyAdmin is prone to multiple information-disclosure vulnerabilities. An attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Versions prior to phpMyAdmin 4.9.2 are vulnerable. Technologies Affected phpMyAdmin phpMyAdmin 4.7.7...
Squid Multiple Security Vulnerabilities
Description Squid is prone to the following vulnerabilities: 1. Multiple buffer-overflow vulnerabilities. 2. An information disclosure vulnerability. 3. A cross-site request-forgery vulnerability. 4. An HTTP request-splitting vulnerability 5. A security-bypass vulnerability. Successful...
Oracle Java SE/Java SE Embedded CVE-2019-2958 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Libraries' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...
Bouncy Castle Java Cryptography APIs CVE-2019-17359 Denial of Service Vulnerability
Description Bouncy Castle Java Cryptography APIs are prone to a denial-of-service vulnerability. Successful exploitation of this issue will cause excessive resource consumption, resulting in a denial-of-service condition. Bouncy Castle Java Cryptography API 1.63 is vulnerable. Technologies Affect...
PHP CVE-2019-11042 Heap Buffer Overflow Vulnerability
Description PHP is prone to a heap-based buffer-overflow vulnerability. Successfully exploiting this issue allow attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. PHP versions prior to 7.3.8 are vulnerable...
Microsoft Windows GDI Component CVE-2019-1010 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Windows JET Database Engine CVE-2019-0907 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows JET Database Engine CVE-2019-0900 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Office CVE-2018-8161 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Windows CVE-2018-8136 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successfully exploiting this issue may result in the execution of arbitrary code in the context of the affected system. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affecte...
Microsoft ASP.NET Core CVE-2018-0787 Remote Privilege Escalation Vulnerability
Description Microsoft ASP.NET Core is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft ASP.NET Core 2.0 Recommendations Block external access at the network boundary, unless external parties requi...
Microsoft Office CVE-2017-0243 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Windows CVE-2016-3335 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to run processes with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Syste...
SA118 : February 2016 Apache Tomcat Vulnerabilities
SUMMARY Blue Coat products that include affected versions of Apache Tomcat are susceptible to multiple vulnerabilities. A remote attacker, with access to the management interface, can exploit these vulnerabilities to determine the existence of a directory that they are not authorized to view, and...
Microsoft Windows CVE-2015-6125 DNS Use After Free Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits can allow attackers to execute arbitrary code within the context of the Local System Account. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft...
Microsoft Windows 'Netlogon' RPC CVE-2015-0005 Spoofing Vulnerability
Description Microsoft Windows is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. Attackers can exploit this issue to spoof and impersonate a legitimate user. Other attacks are also possible. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1...
Mozilla Firefox CVE-2013-1689 Denial of Service Vulnerability
Description Mozilla Firefox is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the application to crash, denying service to legitimate users. This issue is fixed in: Firefox 22 Technologies Affected Mozilla Firefox 10.0 Mozilla Firefox 10.0.1 Mozilla Firefo...
Microsoft Hyper-V VMBus Denial of Service Vulnerability
Description Microsoft Hyper-V is prone to a denial-of-service vulnerability. Using a guest system, a local attacker can exploit this issue to force the Hyper-V server to become unresponsive, denying service to legitimate users. The denial-of-service conditions would also affect other guest...
npm CLI CVE-2019-16776 Arbitrary File Write Vulnerability
Description npm CLI is prone to an arbitrary file-write vulnerability. Successful exploits may allow an attacker to gain access or perform unauthorized actions on arbitrary files on the affected system. Versions prior to npm 6.13.3 are vulnerable. Technologies Affected Oracle GraalVM Enterprise...
Symantec Norton Password Manager CVE-2019-19545 Cross-Origin Security Bypass Vulnerability
Description Symantec Norton Password Manager is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Versions prior to Symantec Norton Password Manager...
Linux Kernel CVE-2019-19524 Local Denial of Service Vulnerability
Description Linux Kernel is prone to a local denial-of-service vulnerability. Local attackers can exploit this issue to cause denial-of-service conditions. Linux Kernel versions prior to 5.3.12 are vulnerable. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0.1 Linux kernel 2.0.10 Linux...
Magento CMS CVE-2019-8144 Remote Code Execution Vulnerability
Description Magento CMS is prone to a remote code-execution vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts may cause a denial-of-service condition. Magento version 2.3 prior to...
Cisco Email Security Appliance CVE-2019-12706 Remote Security Bypass Vulnerability
Description Cisco Email Security Appliance is prone to a remote security-bypass vulnerability. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvq35034. Cisco AsyncO...
Microsoft Windows Audio Service CVE-2019-1086 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based System...
Microsoft Edge Scripting Engine CVE-2019-0990 Information Disclosure Vulnerability
Description Microsoft Edge is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Edge Recommendations Run all software as a nonprivileged user with minimal acce...
Microsoft Windows Kernel CVE-2019-1044 Local Security Bypass Vulnerability
Description Microsoft Windows is prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1809 for 32-bit Systems...
Microsoft Windows GDI Component CVE-2019-1015 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems...
Microsoft Windows Kernel CVE-2019-1065 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based...
Microsoft Edge Chakra Scripting Engine CVE-2019-1051 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows Audio Service CVE-2019-1028 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based System...
Microsoft Edge CVE-2019-0926 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Edge Recommendations...
Microsoft Windows Storage Service CVE-2019-0931 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1709 for...
Microsoft Windows Defender Application Control CVE-2019-0733 Local Security Bypass Vulnerability
Description Microsoft Windows is prone to a local security-bypass vulnerability. A local attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...
FasterXML Jackson-databind Deserialization Multiple Remote Code Execution Vulnerabilities
Description FasterXML Jackson-databind is prone to multiple remote-code execution vulnerabilities. Successfully exploiting these issues allow attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Jackson-databi...
Microsoft Windows Kernel CVE-2018-8419 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information, bypass certain security restrictions and perform unauthorized actions. Successful exploits may lead to other attacks. Technologies Affect...
Microsoft Excel CVE-2018-8375 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Redis CVE-2018-12326 Buffer Overflow Vulnerability
Description Redis is prone to a buffer overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code in the context of a user running the affected application and gain elevated privileges. Failed...
Microsoft Outlook CVE-2018-0852 Memory Corruption Vulnerability
Description Microsoft Outlook is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
Microsoft Outlook CVE-2018-0850 Remote Privilege Escalation Vulnerability
Description Microsoft Outlook is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Office 2016 Click-to-Run C2R for 32-bit edition Microsoft Office 2016 Click-to-Run C2R for 64-bit edition Microsof...
Microsoft Windows Search CVE-2017-8620 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Microsoft Windows Kerberos CVE-2017-8495 Security Bypass Vulnerability
Description Microsoft Windows is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. Technologies Affecte...
Microsoft Internet Explorer CVE-2017-8618 Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of...
Microsoft Office CVE-2016-7277 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
SA128 : Multiple PCRE Vulnerabilities
SUMMARY Blue Coat products that include vulnerable versions of the PCRE and GLib2 libraries are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. The attacker can also cause denial of service...
Microsoft Internet Explorer CVE-2014-6373 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...