6867 matches found
Microsoft Excel CVE-2020-0651 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Oracle Database Server CVE-2020-2517 Remote Security Vulnerability
Description Oracle Database Server is prone to a remote security vulnerability that exists in Database Gateway for ODBC. The vulnerability can be exploited over 'OracleNet' protocol. For an exploit to succeed, the attacker must have 'Create Procedure' and 'Create Database Link' privileges. This...
Microsoft Windows Remote Desktop Protocol CVE-2020-0612 Denial of Service Vulnerability
Description Microsoft Windows Remote Desktop Protocol is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the target service to stop responding, denying service to legitimate users. Technologies Affected Microsoft Windows Server 2016 Microsoft Windows Server...
F5 BIG-IP AFM CVE-2019-6672 Denial of Service Vulnerability
Description F5 BIG-IP AFM is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. BIG-IP AFM 15.0.0 through 15.0.1, 14.1.0 through 14.1.2, and 13.1.0 through 13.1.3 are vulnerable. Technologies...
Microsoft Windows Netlogon CVE-2019-1424 Security Bypass Vulnerability
Description Microsoft Windows Netlogon is prone to a security bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. Technologie...
Linux Kernel CVE-2019-17666 Buffer Overflow Vulnerability
Description Linux Kernel is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to cause a denial-of-service condition. Due to the nature of this issue, code...
Oracle Java SE/Java SE Embedded CVE-2019-2978 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Networking' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...
Linux Kernel CVE-2019-17075 Denial of Service Vulnerability
Description Linux Kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel versions through 5.3.2 are vulnerable. Technologies Affected Linux kernel 2.6.0 Linux kernel 2.6.1 Linux kernel 2.6.11 .11 Linux kernel...
Multiple Apple Products CVE-2019-8900 Arbitrary Code Execution Vulnerability
Description Multiple Apple Products are prone to an arbitrary code execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected...
Microsoft SharePoint CVE-2019-1261 Spoofing Vulnerability
Description Microsoft SharePoint is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft SharePoint...
Microsoft Windows Hyper-V CVE-2019-0710 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-bas...
Microsoft Edge Chakra Scripting Engine CVE-2019-0923 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Edge Recommendations...
Microsoft SharePoint Server CVE-2019-0951 Spoofing Vulnerability
Description Microsoft SharePoint Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft...
Microsoft SharePoint Server CVE-2019-0952 Remote Code Execution Vulnerability
Description Microsoft SharePoint Server is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft SharePoint Enterprise Server 2016...
Microsoft SharePoint Server CVE-2019-0963 Cross Site Scripting Vulnerability
Description Microsoft SharePoint Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
Microsoft Windows CVE-2019-0856 Arbitrary Code Execution Vulnerability
Description Microsoft Windows is prone to an arbitrary code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the system. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version...
Microsoft Office Access Connectivity Engine CVE-2019-0825 Remote Code Execution Vulnerability
Description Microsoft Office Access Connectivity Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Office 2010 Service Pack 2 32-bit editions Microsoft Office...
Microsoft Windows ActiveX CVE-2019-0784 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version...
Microsoft Edge Chakra Scripting Engine CVE-2019-0593 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Exchange Server CVE-2019-0588 Information Disclosure Vulnerability
Description Microsoft Exchange Server is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Exchange Server 2010 SP3 Update Rollup 25 Microsoft Exchange Serve...
Reflected XSS Vulnerability in Web Isolation
SUMMARY Symantec Web Isolation WI is susceptible to a reflected cross-site scripting XSS vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript cod...
Microsoft Windows FTP Server CVE-2018-8206 Denial of Service Vulnerability
Description Microsoft Windows is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the target service to stop responding, denying service to legitimate users. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Office CVE-2018-0950 Information Disclosure Vulnerability
Description Microsoft Office is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 Service Pack 2 32-bit editions Microsoft Office 2010 Service Pack 2 64-bi...
Microsoft Office CVE-2018-0919 Information Disclosure Vulnerability
Description Microsoft Office is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 Service Pack 2 32-bit editions Microsoft Office 2010 Service Pack 2 64-bi...
Microsoft Office CVE-2018-0922 Memory Corruption Vulnerability
Description Microsoft Office is prone to a memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Symantec Endpoint Protection Multiple Issues
SUMMARY Symantec has released a set of updates to address three issues in the Symantec Endpoint Protection SEP product. AFFECTED PRODUCTS Symantec Endpoint Protection SEP --- CVE | Affected Versions | Remediation CVE-2017-13681 | Prior to 12.1 RU6 MP9 | Upgrade to 12.1 RU6 MP9 Symantec Endpoint...
Microsoft Internet Explorer CVE-2017-8733 Spoofing Vulnerability
Description Microsoft Internet Explorer is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Internet Explorer 9, 10 and 11 are...
Microsoft Remote Desktop Virtual Host CVE-2017-8714 Remote Code Execution Vulnerability
Description Microsoft Remote Desktop Virtual Host is prone to a remote code-execution vulnerability. Successful exploits will allow the attacker to execute arbitrary code on the affected system. Failed attacks may cause denial-of-service conditions. Technologies Affected Microsoft Windows 10...
Microsoft Office CVE-2017-8744 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Office CVE-2017-8631 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
Microsoft Windows Kernel CVE-2017-0175 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based...
Microsoft Windows Active Directory CVE-2017-0164 Denial of Service Vulnerability
Description Microsoft Windows is prone to a denial of service vulnerability. An attacker can exploit this issue to cause a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...
Microsoft Edge CVE-2016-7206 Information Disclosure Vulnerability
Description Microsoft Edge is prone to an information disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Successful exploits will allow attackers to run arbitrary code and obtain sensitive information that may aid in...
Microsoft Windows SMB Server CVE-2016-3345 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Microsoft Windows Kerberos CVE-2016-3237 Security Bypass Vulnerability
Description Microsoft Windows is prone to a security bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. Note: This issue was...
Microsoft Windows Graphic Component CVE-2016-3219 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for...
SA121 : OpenSSH Shell Command Restriction Bypass
SUMMARY Blue Coat products that include vulnerable versions of OpenSSH and enable X11 forwarding are susceptible to a command injection vulnerability due to insufficient input data sanitization. An authenticated remote attacker can exploit this vulnerability to bypass intended command restriction...
SA115 : Multiple nginx DNS resolver vulnerabilities
SUMMARY Blue Coat products that include affected versions of nginx and enable the nginx DNS resolver are susceptible to multiple vulnerabilities. A remote attacker, with access to the management interface, can exploit these vulnerabilities to cause denial of service. In some cases, the attacker m...
Microsoft Windows Media Center CVE-2015-2509 Remote Code Execution Vulnerability
Description Microsoft Windows Media Center is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...
Microsoft Windows Filesystem CVE-2015-2430 Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the currently logged-in user. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for...
Microsoft Windows DLL Loading CVE-2015-2369 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Avaya CallPilot...
Microsoft Internet Explorer CVE-2014-6329 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft ASP.NET MVC CVE-2014-4075 Cross Site Scripting Vulnerability
Description Microsoft ASP.NET MVC is prone to a cross-site scripting vulnerability because it fails to properly encode user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This could...
Symantec Encryption Management Server Web Email Protection View User’s Email
SUMMARY Symantec Encryption Management Server was susceptible to an authorized/authenticated web console user being able to view any other users stored outbound emails. The issue is in the Web Email Protection component not sufficiently restricting authorized user content access. This could allow...
Microsoft Windows Kernel 'Win32k.sys' CVE-2013-1344 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...
Apple QuickTime '_Marshaled_pUnk' Remote Code Execution Vulnerability
Description Apple QuickTime is prone to a remote code-execution vulnerability that affects the 'QTPlugin.ocx' ActiveX control because it fails to sufficiently validate user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful...
Microsoft Office Online CVE-2020-0647 Spoofing Vulnerability
Description Microsoft Office Online is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Office...
Oracle Java SE/Java SE Embedded CVE-2020-2593 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Networking' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5,...
cURL CVE-2019-15601 Remote Security Bypass Vulnerability
Description cURL is prone to a remote security-bypass vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. cURL versions prior to 7.68.0 are vulnerable. Technologies Affected Haxx Curl 7.34.0 Haxx Cur...
Apache Xerces-C CVE-2018-1311 Remote Code Execution Vulnerability
Description Apache Xerces-C is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application or cause denial-of-service conditions. Apache Xerces-C versions 3.0.0 through 3.2.2 are vulnerable. Technologies...