6867 matches found
Microsoft Windows CVE-2017-0171 Denial of Service Vulnerability
Description Microsoft Windows is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft...
Microsoft Windows Graphics Component CVE-2016-3270 Local Privilege Escalation Vulnerability
Description Microsoft Graphics Component is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges within the context of the affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft...
Microsoft Internet Explorer CVE-2016-3298 Multiple Information Disclosure Vulnerabilities
Description Microsoft Internet Explorer is prone to multiple information-disclosure vulnerabilities. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Internet explorer 9, 10, and 11 are vulnerable. Technologies Affected Microsoft Internet...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-0165 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...
Microsoft Windows Remote Desktop Protocol CVE-2016-0036 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Failed exploit attempts will result in a denial of service condition. Technologies Affected Microsoft Windows 10 for...
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will result in a denial-of-service condition. Note: This issue was previously titl...
Microsoft .NET Framework CVE-2015-6096 XML Handling Information Disclosure Vulnerability
Description The Microsoft .NET Framework is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Technologies Affected Microsoft .NET Framework 2.0 SP2 Microsoft .NET Framework 3.5 Microso...
Microsoft DCOM RPC CVE-2015-2370 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevate privileges on a targeted system. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.1.0 Avaya Meeting Exchange - Client...
Microsoft Excel Name Record Array Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
Oracle Java SE CVE-2020-2654 Remote Security Vulnerability
Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5, 13.0.1 Technologies Affecte...
Asterisk Manager Interface CVE-2019-18610 Arbitrary Command Execution Vulnerability
Description Asterisk Manager Interface is prone to an arbitrary command-execution vulnerability. An attacker can exploit this issue to execute arbitrary system command on the affected system. This may aid in further attacks. The following Asterisk products are affected: Asterisk Open Source...
Citrix NetScaler ADC and NetScaler Gateway CVE-2019-18225 Authentication Bypass Vulnerability
Description Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway are prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism. This may aid in further attacks. The following Citrix products are affected: Citri...
Oracle Java SE/Java SE Embedded CVE-2019-2949 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over 'Kerberos' protocol. This issue affects the 'Kerberos' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...
Oracle Java SE/Java SE Embedded CVE-2019-2933 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Libraries' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...
Microsoft Windows Storage Service CVE-2019-0998 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1709 for...
Microsoft Edge Chakra Scripting Engine CVE-2019-0991 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows Audio Service CVE-2019-1026 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based...
Microsoft Internet Explorer CVE-2019-0930 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft...
Microsoft Edge Chakra Scripting Engine CVE-2019-0914 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Pulse Connect Secure and Policy Secure CVE-2019-11509 Access Bypass Vulnerability
Description Pulse Connect Secure and Policy Secure are prone to an access-bypass vulnerability. An attacker can exploit this execute arbitrary code and perform unauthorized actions; this may aid in launching further attacks. The following products are vulnerable: Pulse Connect Secure 9.0RX, 8.3RX...
Microsoft Edge Chakra Scripting Engine CVE-2019-0773 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Internet Explorer Scripting Engine CVE-2019-0783 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 10 and 11 are...
Microsoft Windows JET Database Engine CVE-2019-0617 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows GDI Component CVE-2019-0615 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Windows CVE-2018-8314 Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1...
Microsoft .NET Framework CVE-2018-8284 Remote Code Execution Vulnerability
Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected system. Failed exploit attempts will result in denial-of-service conditions. Technologies Affected Microsoft .NET...
Microsoft Windows 'HTTP.sys' CVE-2018-8231 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 Version 1607 f...
Microsoft Office CVE-2018-1028 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Word CVE-2018-0797 Memory Corruption Vulnerability
Description Microsoft Word is prone to a memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft Offic...
Microsoft Windows CVE-2017-0043 XML External Entity Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information. Successful exploits may lead to other attacks. Technologies Affected Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft...
Microsoft Windows CVE-2017-0101 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows...
Microsoft Internet Explorer CVE-2017-0059 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Internet Explorer 9, 10, and 11 are vulnerable. Technologies Affected Microsoft Internet Explorer ...
Microsoft Windows Graphics Component CVE-2017-0062 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607...
SA139 : November 2016 NTP Security Vulnerabilities
SUMMARY Symantec Network Protection products using affected versions of the NTP reference implementation from ntp.org are susceptible to multiple vulnerabilities. A remote attacker can modify the targets system time, prevent the target from synchronizing its time, cause denial of service through...
SA109 : Multiple OpenSSH Vulnerabilities (January 2016)
SUMMARY Blue Coat products using affected 5.x and 6.x versions of OpenSSH are susceptible to multiple vulnerabilities. An attacker, with access to the management interface, may exploit these vulnerabilities to execute arbitrary code and obtain information from the target's process memory. The...
Microsoft Windows TrueType Fonts CVE-2015-2463 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...
Microsoft Office CVE-2015-1770 Uninitialized Memory Use Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code execution vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged in user. Failed exploit attempts will likely result in...
Microsoft Windows Kerberos Checksum CVE-2014-6324 Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the application; this can result in the attacker gaining complete control of the affected system. Technologies Affected Avaya...
Symantec Message Filter Security Issues
SUMMARY Symantecs Message Filter management interface, the Brightmail Control Center, is susceptible to a number of security concerns resulting from improper input validation and authentication. Successful exploitation of these issues could result in unauthorized privileged access to the...
Microsoft Windows Graphics Component CVE-2020-0622 Information Disclosure Vulnerability
Description Microsoft Windows is prone to a information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 160...
OpenSLP CVE-2019-5544 Heap Memory Corruption Vulnerability
Description OpenSLP is prone to a heap-memory-corruption vulnerability. An attacker can exploit this issue to crash the affected application or execute arbitrary code within the context of the affected application. OpenSLP 1.2.1 and 2.0.0 are vulnerable; other versions may also be affected...
Symantec Endpoint Protection Manager CVE-2018-18368 Local Privilege Escalation Vulnerability
Description Symantec Endpoint Protection Manager is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to gain elevated privileges. Symantec Endpoint Protection Manager versions prior to 14.2 RU1 are vulnerable. Technologies Affected Symantec Endpoint...
Apple macOS/iOS/iPadOS Multiple Information Disclosure Vulnerabilities
Description Apple iOS, iPad and macOS are prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to obtain sensitive information that may aid in further attacks. Technologies Affected Apple Ipad Mini- Apple iOS 10 Apple iOS 10.0.1 Apple iOS 10.1 Apple iOS 10....
Oracle Java SE/Java SE Embedded CVE-2019-2964 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Concurrency' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...
Oracle Java SE/Java SE Embedded CVE-2019-2983 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Serialization' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 1...
Oracle JDeveloper and ADF CVE-2019-2899 Remote Security Vulnerability
Description Oracle JDeveloper and ADF are prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'OAM' component is affected. This vulnerability affects the following supported versions: 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1.3.0 Technologie...
Oracle WebLogic Server CVE-2019-2889 Remote Security Vulnerability
Description Oracle WebLogic Server is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Sample apps' component is affected. This vulnerability affects the following supported versions: 12.2.1.3.0 Technologies Affected Oracle Weblogic Serve...
Exim CVE-2019-16928 Heap Buffer Overflow Vulnerability
Description Exim is prone to a heap-based buffer-overflow vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Exim versions 4.92 through 4.92.2 are...
Microsoft Windows CVE-2019-1215 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems...
OpenSSL CVE-2019-1549 Security Vulnerability
Description OpenSSL is prone to a security vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. OpenSSL versions 1.1.1 through 1.1.1c are vulnerable. Technologies Affected IBM Cloud Private 3.2.0 CD IBM Cloud Private 3.2.1 CD...