6867 matches found
Microsoft NuGet Package Manager CVE-2019-0976 Tampering Security Bypass Vulnerability
Description Microsoft NuGet is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft NuGet 5.0.2 Recommendations Permit local access for trusted individuals only. Where...
Microsoft Windows NDIS CVE-2019-0707 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windo...
Microsoft Edge Chakra Scripting Engine CVE-2019-0912 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft SharePoint Server CVE-2019-0950 Spoofing Vulnerability
Description Microsoft SharePoint Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft...
Microsoft Windows JET Database Engine CVE-2019-0901 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Visual Studio CVE-2019-0809 Remote Code Execution Vulnerability
Description Microsoft Visual Studio is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the current-user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft Visu...
Microsoft Azure CVE-2019-0816 Security Bypass Vulnerability
Description Microsoft Azure is prone to a security bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions; this may aid in launching further attacks. Technologies Affected Ubuntu Ubuntu Linux 18.04 LTS Recommendations Block external access at the network...
Microsoft Windows Subsystem for Linux CVE-2019-0689 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit...
Microsoft Internet Explorer CVE-2019-0606 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 11 is vulnerable...
Microsoft Windows Human Interface Devices CVE-2019-0600 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 f...
Microsoft Windows SMB Server CVE-2018-8444 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems...
Microsoft Word CVE-2018-0797 Memory Corruption Vulnerability
Description Microsoft Word is prone to a memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft Offic...
Microsoft Windows CVE-2017-0171 Denial of Service Vulnerability
Description Microsoft Windows is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft...
Microsoft Internet Explorer CVE-2017-0222 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 11, 10 and 9 are...
Microsoft Windows CVE-2017-0043 XML External Entity Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information. Successful exploits may lead to other attacks. Technologies Affected Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft...
Microsoft Windows CVE-2017-0101 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows...
Microsoft Internet Explorer CVE-2017-0059 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Internet Explorer 9, 10, and 11 are vulnerable. Technologies Affected Microsoft Internet Explorer ...
Microsoft Windows Graphics Component CVE-2017-0062 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607...
SA139 : November 2016 NTP Security Vulnerabilities
SUMMARY Symantec Network Protection products using affected versions of the NTP reference implementation from ntp.org are susceptible to multiple vulnerabilities. A remote attacker can modify the targets system time, prevent the target from synchronizing its time, cause denial of service through...
SA109 : Multiple OpenSSH Vulnerabilities (January 2016)
SUMMARY Blue Coat products using affected 5.x and 6.x versions of OpenSSH are susceptible to multiple vulnerabilities. An attacker, with access to the management interface, may exploit these vulnerabilities to execute arbitrary code and obtain information from the target's process memory. The...
Microsoft Windows TrueType Fonts CVE-2015-2463 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...
Microsoft DCOM RPC CVE-2015-2370 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevate privileges on a targeted system. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.1.0 Avaya Meeting Exchange - Client...
Symantec Message Filter Security Issues
SUMMARY Symantecs Message Filter management interface, the Brightmail Control Center, is susceptible to a number of security concerns resulting from improper input validation and authentication. Successful exploitation of these issues could result in unauthorized privileged access to the...
Oracle Java SE CVE-2020-2654 Remote Security Vulnerability
Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5, 13.0.1 Technologies Affecte...
OpenSLP CVE-2019-5544 Heap Memory Corruption Vulnerability
Description OpenSLP is prone to a heap-memory-corruption vulnerability. An attacker can exploit this issue to crash the affected application or execute arbitrary code within the context of the affected application. OpenSLP 1.2.1 and 2.0.0 are vulnerable; other versions may also be affected...
Asterisk Manager Interface CVE-2019-18610 Arbitrary Command Execution Vulnerability
Description Asterisk Manager Interface is prone to an arbitrary command-execution vulnerability. An attacker can exploit this issue to execute arbitrary system command on the affected system. This may aid in further attacks. The following Asterisk products are affected: Asterisk Open Source...
Symantec Endpoint Protection Manager CVE-2018-18368 Local Privilege Escalation Vulnerability
Description Symantec Endpoint Protection Manager is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to gain elevated privileges. Symantec Endpoint Protection Manager versions prior to 14.2 RU1 are vulnerable. Technologies Affected Symantec Endpoint...
Apple macOS/iOS/iPadOS Multiple Information Disclosure Vulnerabilities
Description Apple iOS, iPad and macOS are prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to obtain sensitive information that may aid in further attacks. Technologies Affected Apple Ipad Mini- Apple iOS 10 Apple iOS 10.0.1 Apple iOS 10.1 Apple iOS 10....
Citrix NetScaler ADC and NetScaler Gateway CVE-2019-18225 Authentication Bypass Vulnerability
Description Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway are prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism. This may aid in further attacks. The following Citrix products are affected: Citri...
Oracle Java SE/Java SE Embedded CVE-2019-2949 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over 'Kerberos' protocol. This issue affects the 'Kerberos' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...
OpenSSL CVE-2019-1549 Security Vulnerability
Description OpenSSL is prone to a security vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. OpenSSL versions 1.1.1 through 1.1.1c are vulnerable. Technologies Affected IBM Cloud Private 3.2.0 CD IBM Cloud Private 3.2.1 CD...
Microsoft Windows Storage Service CVE-2019-0998 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1709 for...
Microsoft Edge Chakra Scripting Engine CVE-2019-0991 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows Audio Service CVE-2019-1026 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based...
Microsoft Edge Chakra Scripting Engine CVE-2019-0914 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Internet Explorer CVE-2019-0930 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft...
Pulse Connect Secure and Policy Secure CVE-2019-11509 Access Bypass Vulnerability
Description Pulse Connect Secure and Policy Secure are prone to an access-bypass vulnerability. An attacker can exploit this execute arbitrary code and perform unauthorized actions; this may aid in launching further attacks. The following products are vulnerable: Pulse Connect Secure 9.0RX, 8.3RX...
Microsoft Edge Chakra Scripting Engine CVE-2019-0773 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Internet Explorer Scripting Engine CVE-2019-0783 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 10 and 11 are...
Microsoft Windows JET Database Engine CVE-2019-0617 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows GDI Component CVE-2019-0615 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Windows CVE-2018-8314 Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1...
Microsoft .NET Framework CVE-2018-8284 Remote Code Execution Vulnerability
Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected system. Failed exploit attempts will result in denial-of-service conditions. Technologies Affected Microsoft .NET...
Microsoft Windows 'HTTP.sys' CVE-2018-8231 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 Version 1607 f...
Microsoft Office CVE-2018-1028 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Windows SMB Server CVE-2017-0275 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
SA134 : Linux Kernel Vulnerabilities Oct/Nov 2016
SUMMARY Blue Coat products that include a vulnerable version of the Linux kernel are susceptible to several vulnerabilities. A remote attacker, with access to the management interface, can exploit these vulnerabilities to cause denial of service through system crashes or have unspecified other...
Microsoft Windows Graphics Component CVE-2016-3304 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Live Meeting...
Microsoft .NET Framework Model View Controller CVE-2015-2526 Remote Denial of Service Vulnerability
Description Microsoft .NET Framework is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to degrade the performance of a .NET-enabled website, causing a denial of service condition. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0...
Microsoft Windows Kerberos Checksum CVE-2014-6324 Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the application; this can result in the attacker gaining complete control of the affected system. Technologies Affected Avaya...