6867 matches found
Microsoft Windows Search CVE-2017-8620 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Microsoft Windows Kerberos CVE-2017-8495 Security Bypass Vulnerability
Description Microsoft Windows is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. Technologies Affecte...
Microsoft Internet Explorer CVE-2017-8618 Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of...
Microsoft Office CVE-2016-7277 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
SA128 : Multiple PCRE Vulnerabilities
SUMMARY Blue Coat products that include vulnerable versions of the PCRE and GLib2 libraries are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. The attacker can also cause denial of service...
Microsoft Internet Explorer CVE-2014-6373 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft .NET Framework CVE-2014-0295 ASLR Security Bypass Vulnerability
Description Microsoft .NET Framework is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Avaya Aura Conferencing 6.0 SP1...
Oracle Java SE CVE-2013-1493 Remote Code Execution Vulnerability
Description Oracle Java SE is prone to a remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the application. This vulnerability affects the following supported versions: JDK and JRE 7 Update 15 and prior JDK and JRE 6 Update 41 and...
PGP Desktop Unsigned Data Insertion
SUMMARY PGP Desktop versions are vulnerable to a data insertion vulnerability. Unsigned insecure data could be inserted into OpenPGP messages signed by a trusted source. When the message is decrypted and verified, PGP Desktop may incorrectly identify the message as being fully valid. AFFECTED...
Oracle WebLogic Server CVE-2020-6950 Remote Security Vulnerability
Description Oracle WebLogic Server is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Web Container JavaServer Faces' component is affected. This vulnerability affects the following supported versions: 12.2.1.3.0, 12.2.1.4.0 Technologies...
Microsoft PowerPoint CVE-2019-1462 Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
AMD 'ATIDXX64.DLL' Driver CVE-2019-5098 Denial of Service Vulnerability
Description An AMD ATI driver is prone to denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Due to the nature of this issue, code execution may be possible but this has not been confirmed. Technologies Affected AMD ATI Radeon AMD ATI Radeo...
Linux kernel CVE-2019-19377 Use After Free Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel version 5.0.21 is vulnerable. Technologies Affected Linux kernel 5.0.21 Recommendations Permit local access for trusted individuals only...
Linux Kernel 'marvell/mwifiex/tdls.c' Local Heap Buffer Overflow Vulnerability
Description Linux Kernel is prone to a local heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to cause a denial-of-service condition or to execute...
Adobe Acrobat and Reader APSB19-49 Multiple Information Disclosure Vulnerabilities
Description Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. An attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Technologies Affected Adobe Acrobat 2017.008.30051 Adobe Acrobat 2017.011.30059 Adobe...
Multiple SAP Products CVE-2019-0381 DLL Loading Local Privilege Escalation Vulnerability
Description Multiple SAP Products are prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. The following SAP products are affected: SAP IQ version 16.1 is vulnerable SAP SQL Anywhere version 17.0 is vulnerable SAP Dynamic Tierin...
Eclipse Mojarra CVE-2019-17091 Cross Site Scripting Vulnerability
Description Eclipse Mojarra is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may all...
Linux Kernel CVE-2019-16995 Local Denial of Service Vulnerability
Description Linux Kernel is prone to a local denial-of-service vulnerability. An attacker can exploit this issue to cause a local denial-of-service condition; other attacks may also be possible. Linux kernel prior to 5.0.3 are vulnerable. Technologies Affected Linux kernel 2.6.0 Linux kernel 2.6....
OpenSSL CVE-2019-1547 Information Disclosure Vulnerability
Description OpenSSL is prone to a information-disclosure vulnerability. Successfully exploiting this issue allows local attackers to recover the key during an ECDSA signature operation. Information harvested may aid in further attacks. Technologies Affected OpenSSL Project OpenSSL 1.0.2 OpenSSL...
Microsoft Windows LNK CVE-2019-1188 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks may cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-base...
Microsoft Windows GDI Component CVE-2019-1009 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems...
Microsoft Windows Hyper-V CVE-2019-0711 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-bas...
Microsoft Edge Chakra Scripting Engine CVE-2019-1003 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Internet Explorer CVE-2019-0921 Spoofing Vulnerability
Description Microsoft Internet Explorer is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft...
Microsoft SharePoint Server CVE-2019-0958 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsoft SharePoint Foundation 2013 SP1 Microsoft SharePoint Serv...
Microsoft Windows JET Database Engine CVE-2019-0896 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows Deployment Services TFTP Server CVE-2019-0603 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code with elevated permissions on a target system. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Edge CVE-2018-8383 Spoofing Vulnerability
Description Microsoft Edge is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Edge...
SA161: Local Information Disclosure Due to Meltdown and Spectre Attacks
SUMMARY Symantec Network Protection products, which run on an affected CPU chipset and execute arbitrary code from external sources, are susceptible to several information disclosure vulnerabilities aka Meltdown and Spectre attacks. A remote attacker, with the ability to execute arbitrary code...
Microsoft Windows Bluetooth Driver CVE-2017-8628 Man in the Middle Spoofing Vulnerability
Description Microsoft Windows is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Windows 10...
Microsoft Office CVE-2017-8510 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Windows SMB Server CVE-2017-0276 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Windows Kernel CVE-2017-0167 Information Disclosure Vulnerability
Description Microsoft Windows is prone to a information-disclosure vulnerability. An attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...
Microsoft .NET Framework CVE-2016-0132 Security Bypass Vulnerability
Description Microsoft .NET Framework is prone to a security-bypass vulnerability because it fails to properly validate certain elements of a signed XML document. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further...
Microsoft Windows Group Policy CVE-2015-0008 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Avaya Aura...
Microsoft VBScript CVE-2014-6363 Remote Code Execution Vulnerability
Description Microsoft VBScript is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...
Oracle Java SE and Java for Business 'MixerSequencer' Remote Code Execution Vulnerability
Description Oracle Java SE and Java for Business are prone to a remote code-execution vulnerability affecting the 'Sound' component. Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result...
Microsoft XML Parser Remote Denial of Service Vulnerability
Description Microsoft XML Parser is prone to a remote denial of service vulnerability when handling malformed requests. The vulnerability can be exploited through the WebDAV XML message handler of Microsoft IIS server. It is reported that this issue requires a remote attacker to create specially...
SAP Realtech RTCISM Unspecified Remote Authorization Bypass Vulnerability
Description SAP Realtech RTCISM is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP RTCISM 100 Recommendations Block external access at the...
D-Link DIR-615 CVE-2019-19743 Privilege Escalation Vulnerability
Description D-Link DIR-615 is prone to a privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Technologies Affected D-Link DIR-615 Recommendations Block external access at the network boundary, unless external parties require service. If applicable,...
Linux Kernel CVE-2019-19965 Null Pointer Dereference Denial of Service Vulnerability
Description Linux Kernel is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. Linux Kernel versions through 5.4.6 are vulnerable. Technologies Affected Linux kernel 3.0 Linux kernel 3.0-rc1 Linux kernel 3.0.1 Linux kernel 3.0.18...
F5 BIG-IP Traffic Management Microkernel CVE-2019-6669 Denial of Service Vulnerability
Description F5 BIG-IP is prone to a remote denial-of-service vulnerability. A successful exploit may allow an attacker to cause the Traffic Management Microkernel TMM to reload, denying service to legitimate users. Technologies Affected F5 BIG-IP AAM 11.6.1 F5 BIG-IP AAM 12.1.1 F5 BIG-IP AFM 11.6...
Oracle Solaris CVE-2019-2765 Local Security Vulnerability
Description Oracle Solaris is prone to a local security vulnerability. This issue affects the 'Filesystem' component. This vulnerability affects the following supported version: 11, 10 Technologies Affected Oracle Solaris 10 Oracle Solaris 11 Recommendations Permit local access for trusted...
Oracle Java SE/Java SE Embedded CVE-2019-2962 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the '2D' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13; Java SE...
Microsoft .NET Framework CVE-2019-1113 Remote Code Execution Vulnerability
Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected...
Microsoft Exchange Server CVE-2019-1137 Spoofing Vulnerability
Description Microsoft Exchange Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Exchan...
Microsoft Windows Storage Service CVE-2019-0983 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1607 for...
Microsoft Windows JET Database Engine CVE-2019-0974 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Edge Chakra Scripting Engine CVE-2019-0917 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Internet Explorer and Edge Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsof...