6867 matches found
Microsoft .NET Framework CVE-2014-0295 ASLR Security Bypass Vulnerability
Description Microsoft .NET Framework is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Avaya Aura Conferencing 6.0 SP1...
Oracle Java SE CVE-2013-1493 Remote Code Execution Vulnerability
Description Oracle Java SE is prone to a remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the application. This vulnerability affects the following supported versions: JDK and JRE 7 Update 15 and prior JDK and JRE 6 Update 41 and...
PGP Desktop Unsigned Data Insertion
SUMMARY PGP Desktop versions are vulnerable to a data insertion vulnerability. Unsigned insecure data could be inserted into OpenPGP messages signed by a trusted source. When the message is decrypted and verified, PGP Desktop may incorrectly identify the message as being fully valid. AFFECTED...
Reliable Controls MACH-ProWebCom/Sys CVE-2019-18249 Cross Site Scripting Vulnerability
Description Reliable Controls MACH-ProWebCom/Sys are prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
AMD 'ATIDXX64.DLL' Driver CVE-2019-5098 Denial of Service Vulnerability
Description An AMD ATI driver is prone to denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Due to the nature of this issue, code execution may be possible but this has not been confirmed. Technologies Affected AMD ATI Radeon AMD ATI Radeo...
Apache Olingo Multiple Security Vulnerabilities
Description Apache Olingo is prone to the following security vulnerabilities: 1. An XML External Entity injection vulnerability 2. A denial-of-service vulnerability 3. A remote-code execution vulnerability Attackers can exploit these issues to gain access to sensitive information, cause...
Adobe Acrobat and Reader APSB19-49 Multiple Information Disclosure Vulnerabilities
Description Adobe Acrobat and Reader are prone to multiple information-disclosure vulnerabilities. An attacker can exploit these issues to gain access to sensitive information that may aid in further attacks. Technologies Affected Adobe Acrobat 2017.008.30051 Adobe Acrobat 2017.011.30059 Adobe...
Multiple SAP Products CVE-2019-0381 DLL Loading Local Privilege Escalation Vulnerability
Description Multiple SAP Products are prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. The following SAP products are affected: SAP IQ version 16.1 is vulnerable SAP SQL Anywhere version 17.0 is vulnerable SAP Dynamic Tierin...
Eclipse Mojarra CVE-2019-17091 Cross Site Scripting Vulnerability
Description Eclipse Mojarra is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may all...
Linux Kernel CVE-2019-16995 Local Denial of Service Vulnerability
Description Linux Kernel is prone to a local denial-of-service vulnerability. An attacker can exploit this issue to cause a local denial-of-service condition; other attacks may also be possible. Linux kernel prior to 5.0.3 are vulnerable. Technologies Affected Linux kernel 2.6.0 Linux kernel 2.6....
Microsoft Windows LNK CVE-2019-1188 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks may cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-base...
Microsoft Edge Chakra Scripting Engine CVE-2019-1003 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows GDI Component CVE-2019-1009 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems...
Microsoft Windows Hyper-V CVE-2019-0711 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-bas...
Microsoft Internet Explorer CVE-2019-0921 Spoofing Vulnerability
Description Microsoft Internet Explorer is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft...
Microsoft SharePoint Server CVE-2019-0958 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsoft SharePoint Foundation 2013 SP1 Microsoft SharePoint Serv...
Microsoft Windows JET Database Engine CVE-2019-0896 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows Deployment Services TFTP Server CVE-2019-0603 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code with elevated permissions on a target system. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Windows Subsystem for Linux CVE-2019-0693 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit...
Microsoft Edge CVE-2018-8383 Spoofing Vulnerability
Description Microsoft Edge is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Edge...
SA161: Local Information Disclosure Due to Meltdown and Spectre Attacks
SUMMARY Symantec Network Protection products, which run on an affected CPU chipset and execute arbitrary code from external sources, are susceptible to several information disclosure vulnerabilities aka Meltdown and Spectre attacks. A remote attacker, with the ability to execute arbitrary code...
Microsoft Excel CVE-2017-11877 Security Bypass Vulnerability
Description Microsoft Excel is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Microsoft Excel 2007 SP3 Microsoft Excel 20...
Xen CVE-2017-15595 Denial of Service Vulnerability
Description Xen is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Xen Xen version through 4.9.x are vulnerable. Technologies Affected Citrix XenServer 6.0.2 Citrix XenServer 6.2 Citrix XenServer...
Microsoft Windows SMB Server CVE-2017-11781 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microso...
Microsoft Windows Bluetooth Driver CVE-2017-8628 Man in the Middle Spoofing Vulnerability
Description Microsoft Windows is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Windows 10...
Microsoft Windows SMB Server CVE-2017-0276 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Windows Kernel CVE-2017-0167 Information Disclosure Vulnerability
Description Microsoft Windows is prone to a information-disclosure vulnerability. An attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...
Microsoft Windows Group Policy CVE-2015-0008 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Avaya Aura...
Microsoft VBScript CVE-2014-6363 Remote Code Execution Vulnerability
Description Microsoft VBScript is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...
Oracle Java SE and Java for Business 'MixerSequencer' Remote Code Execution Vulnerability
Description Oracle Java SE and Java for Business are prone to a remote code-execution vulnerability affecting the 'Sound' component. Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result...
Microsoft XML Parser Remote Denial of Service Vulnerability
Description Microsoft XML Parser is prone to a remote denial of service vulnerability when handling malformed requests. The vulnerability can be exploited through the WebDAV XML message handler of Microsoft IIS server. It is reported that this issue requires a remote attacker to create specially...
SAP Realtech RTCISM Unspecified Remote Authorization Bypass Vulnerability
Description SAP Realtech RTCISM is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP RTCISM 100 Recommendations Block external access at the...
Oracle WebLogic Server CVE-2020-6950 Remote Security Vulnerability
Description Oracle WebLogic Server is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Web Container JavaServer Faces' component is affected. This vulnerability affects the following supported versions: 12.2.1.3.0, 12.2.1.4.0 Technologies...
Microsoft PowerPoint CVE-2019-1462 Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
D-Link DIR-615 CVE-2019-19743 Privilege Escalation Vulnerability
Description D-Link DIR-615 is prone to a privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Technologies Affected D-Link DIR-615 Recommendations Block external access at the network boundary, unless external parties require service. If applicable,...
Linux Kernel 'marvell/mwifiex/tdls.c' Local Heap Buffer Overflow Vulnerability
Description Linux Kernel is prone to a local heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to cause a denial-of-service condition or to execute...
Oracle Solaris CVE-2019-2765 Local Security Vulnerability
Description Oracle Solaris is prone to a local security vulnerability. This issue affects the 'Filesystem' component. This vulnerability affects the following supported version: 11, 10 Technologies Affected Oracle Solaris 10 Oracle Solaris 11 Recommendations Permit local access for trusted...
Microsoft .NET Framework CVE-2019-1113 Remote Code Execution Vulnerability
Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected...
Microsoft Exchange Server CVE-2019-1137 Spoofing Vulnerability
Description Microsoft Exchange Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Exchan...
Microsoft Windows Storage Service CVE-2019-0983 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1607 for...
Microsoft Windows JET Database Engine CVE-2019-0974 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Internet Explorer and Edge Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsof...
Microsoft Windows GDI Component CVE-2019-0961 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Edge Chakra Scripting Engine CVE-2019-0917 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Internet Explorer and ChakraCore CVE-2019-0609 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and ChakraCore are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected...
Microsoft Windows Kernel 'Win32k.sys' CVE-2019-0623 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Microsoft Lync for Mac CVE-2018-8474 Security Bypass Vulnerability
Description Microsoft Lync for Mac is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Lync for Mac 2011 Recommendations Deploy network intrusion detection system...
Microsoft Windows DNSAPI CVE-2018-8304 Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial of service vulnerability. Attackers can exploit this issue to cause denial-of-service condition, denying service to legitimate users. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Edge Scripting Engine CVE-2017-11889 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Office CVE-2017-8510 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...