6867 matches found
Microsoft Skype for Business and Lync CVE-2018-8546 Denial of Service Vulnerability
Description Microsoft Skype for Business and Lync are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the target service to stop responding, denying service to legitimate users. Technologies Affected Microsoft Lync 2013 32-bit SP1 Microsoft Lync 2013...
Oracle WebLogic Server CVE-2017-10271 Remote Security Vulnerability
Description Oracle WebLogic Server is prone to a remote security vulnerability in WLS Security. The vulnerability can be exploited over the 'HTTP' protocol. This vulnerability affects the following supported versions: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, 12.2.1.2.0 Technologies Affected Oracle...
Adobe Reader and Acrobat JavaScript API Execution Multiple Security Bypass Vulnerabilities
Description Adobe Reader and Acrobat are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Adobe Acrobat 10.0 Adobe Acrobat 10.0.1 Adobe Acrobat 10.0.13 Adobe...
Microsoft Windows DirectX CVE-2018-8561 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windo...
Microsoft Dynamics 365 CVE-2018-8606 Cross Site Scripting Vulnerability
Description Microsoft Dynamics 365 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
Microsoft Windows BitLocker Security Feature CVE-2018-8566 Local Security Bypass Vulnerability
Description Microsoft Windows is prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems...
Microsoft Dynamics 365 CVE-2018-8609 Remote Code Execution Vulnerability
Description Microsoft Dynamics 365 is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the SQL service account. Failed exploit attempts will result in denial-of-service conditions. Technologies Affected Microsoft Dynamics...
Apache Solr CVE-2019-17558 Remote Code Execution Vulnerability
Description Apache Solr is prone to a remote-code execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Apache Solr versions prior 5.0.0 throug...
Microsoft Team Foundation Server CVE-2018-8529 Remote Code Execution Vulnerability
Description Microsoft Team Foundation Server is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. Technologies Affected Microso...
Microsoft SharePoint Server CVE-2018-8572 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsof...
Microsoft Windows COM CVE-2018-8550 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...
Apache Tomcat CVE-2019-12418 Local Privilege Escalation Vulnerability
Description Apache Tomcat is prone to local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges and gain complete control over the server. Apache Tomcat versions 9.0.0.M1 through 9.0.28 are vulnerable. Technologies Affected Apache Tomcat 9.0.0.M...
Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8565 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...
Microsoft Excel CVE-2018-8577 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft SharePoint Server CVE-2018-8578 Information Disclosure Vulnerability
Description Microsoft SharePoint Server is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SharePoint Foundation 2013 SP1 Recommendations Run all software as a...
Microsoft ChakraCore Scripting Engine CVE-2018-8588 Remote Memory Corruption Vulnerability
Description Microsoft ChakraCore is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore...
Microsoft Exchange Server CVE-2019-0724 Remote Privilege Escalation Vulnerability
Description Microsoft Exchange Server is prone to a remote privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Exchange Server 2010 SP3 Update Rollup 26 Microsoft Exchange Server 2013 Cumulative Update 22 Microsoft...
Microsoft Dynamics 365 CVE-2018-8607 Cross Site Scripting Vulnerability
Description Microsoft Dynamics 365 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
Microsoft Outlook CVE-2018-8582 Remote Code Execution Vulnerability
Description Microsoft Outlook is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the affected system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Office 2019 for 32-bi...
Microsoft Dynamics 365 CVE-2018-8605 Cross Site Scripting Vulnerability
Description Microsoft Dynamics 365 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
Microsoft Internet Explorer CVE-2018-8570 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 11 is are vulnerable...
Microsoft Windows MSRPC CVE-2018-8407 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...
Microsoft Windows DirectX CVE-2018-8485 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windo...
Microsoft Outlook CVE-2018-8558 Information Disclosure Vulnerability
Description Microsoft Outlook is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft...
Microsoft Team Foundation Server CVE-2018-8602 Cross Site Scripting Vulnerability
Description Microsoft Team Foundation Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...
Microsoft Outlook CVE-2018-8524 Remote Code Execution Vulnerability
Description Microsoft Outlook is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Office 2019...
Microsoft SharePoint Server CVE-2018-8568 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsof...
Microsoft Windows Audio Service CVE-2018-8454 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attackers can exploit this issue to obtain sensitive information. This may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10...
Microsoft IIS Repeated Parameter Request Denial of Service Vulnerability
Description Microsoft IIS is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to force the affected application to become unresponsive, denying service to legitimate users. This issue affects IIS 5.1, 6.0, 7.0, and 7.5. Technologies Affected Avaya Aura...
Microsoft Excel CVE-2018-8574 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Windows JScript Security Feature CVE-2018-8417 Local Security Bypass Vulnerability
Description Microsoft Windows is prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems...
Microsoft ChakraCore Scripting Engine CVE-2018-8555 Remote Memory Corruption Vulnerability
Description Microsoft ChakraCore is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore...
Exim CVE-2019-15846 Arbitrary Code Execution Vulnerability
Description Exim is prone to an arbitrary code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with root privileges. Exim versions 4.8 through 4.92.1 are vulnerable. Technologies Affected Exim Exim 4.80 Exim Exim 4.80.1 Exim Exim 4.82 Exim Exim 4.82.1 Exim Ex...
Microsoft Dynamics 365 CVE-2018-8608 Cross Site Scripting Vulnerability
Description Microsoft Dynamics 365 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
Microsoft Windows ALPC CVE-2018-8584 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code in the security context of the local system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Eclipse Jetty CVE-2019-10247 Information Disclosure Vulnerability
Description Eclipse Jetty is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Eclipse Jetty version 7.x, 8.x, 9.2.27 and prior, 9.3.26 and prior, and 9.4.16 and prior are vulnerable...
Microsoft Word CVE-2018-8539 Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Windows Kernel CVE-2018-8408 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Internet Explorer CVE-2018-8552 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory corruption vulnerability. An attacker can exploit this issue to gain access to sensitive information or cause denial of service conditions. Other attacks are also possible. Technologies Affected Microsoft Internet Explorer 10 Microsoft...
Microsoft Windows DirectX CVE-2018-8554 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windo...
Microsoft Outlook CVE-2018-8576 Remote Code Execution Vulnerability
Description Microsoft Outlook is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Office 2019...
Microsoft Windows Graphics Component CVE-2018-8553 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code on a target system. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 fo...
Microsoft Windows VBScript Engine CVE-2018-8544 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version...
Microsoft ChakraCore Scripting Engine CVE-2018-8556 Remote Memory Corruption Vulnerability
Description Microsoft ChakraCore is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore...
Microsoft Azure App Service CVE-2018-8600 Cross Site Scripting Vulnerability
Description Microsoft Azure App Service is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
Microsoft Windows Security Feature CVE-2018-8549 Local Security Bypass Vulnerability
Description Microsoft Windows is prone to local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems...
Microsoft Active Directory Federation Services CVE-2018-8547 Cross-Site Scripting Vulnerability
Description Microsoft Active Directory Federation Services is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...
Microsoft ChakraCore Scripting Engine CVE-2018-8557 Remote Memory Corruption Vulnerability
Description Microsoft ChakraCore is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore...
Microsoft ChakraCore Scripting Engine CVE-2018-8541 Remote Memory Corruption Vulnerability
Description Microsoft ChakraCore is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore...
Atlassian JIRA CVE-2019-15013 Authorization Bypass Vulnerability
Description Atlassian JIRA is prone to an authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. The following versions of Atlassian JIRA are affected: Versions pri...