6867 matches found
Microsoft Windows DirectShow CVE-2017-0042 Information Disclosure Vulnerability
Description Microsoft Windows DirectShow is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Office CVE-2016-7266 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft Exc...
Microsoft Internet Explorer CVE-2016-7278 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Internet Explorer 9, 10, and 11 are vulnerable. Technologies Affected Microsoft Internet Explorer ...
Microsoft Windows Open Type Font CVE-2016-7256 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 Version 1607 f...
Microsoft Windows SMB Server CVE-2016-3345 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
SA129 : Multiple libxml2 Vulnerabilities
SUMMARY Blue Coat products that include a vulnerable version of the libxml2 library are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code and cause denial of service through memory corruption. AFFECTED PRODUCTS The following...
Microsoft Windows Graphic Component CVE-2016-3219 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511 for...
SA121 : OpenSSH Shell Command Restriction Bypass
SUMMARY Blue Coat products that include vulnerable versions of OpenSSH and enable X11 forwarding are susceptible to a command injection vulnerability due to insufficient input data sanitization. An authenticated remote attacker can exploit this vulnerability to bypass intended command restriction...
SA115 : Multiple nginx DNS resolver vulnerabilities
SUMMARY Blue Coat products that include affected versions of nginx and enable the nginx DNS resolver are susceptible to multiple vulnerabilities. A remote attacker, with access to the management interface, can exploit these vulnerabilities to cause denial of service. In some cases, the attacker m...
Microsoft Windows Media Center CVE-2015-2509 Remote Code Execution Vulnerability
Description Microsoft Windows Media Center is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-2433 Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information, bypass certain security restrictions and perform unauthorized actions. Successful exploits may lead to other attacks. Technologies Affect...
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-2381 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to disclose kernel memory and obtain sensitive information that may aid in further attacks. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5...
Microsoft Internet Explorer CVE-2014-6368 ASLR Security Bypass Vulnerability
Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Internet Explorer 11 is vulnerable. Technologies...
Microsoft Internet Explorer CVE-2014-2823 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft Windows Kernel 'Win32k.sys' CVE-2014-0300 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and gain access to kernel memory. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura Conferencing...
Microsoft DirectShow CVE-2014-0301 Remote Code Execution Vulnerability
Description Microsoft DirectShow is prone to a remote code-execution vulnerability. Successful exploits allow remote attackers to execute arbitrary code in the context of the user running the application that uses DirectShow. Failed exploit attempts will result in a denial-of-service condition...
Microsoft Windows Kernel 'portcls.sys' CVE-2013-3907 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the audio port-class driver. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and gain access to kernel memory. Technologies Affected Avaya Aura Conferenci...
Microsoft Windows CVE-2012-0181 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers or cause denial of servi...
Microsoft Windows Ancillary Function Driver CVE-2012-0149 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Technologies Affected Avaya Aura...
Apple QuickTime '_Marshaled_pUnk' Remote Code Execution Vulnerability
Description Apple QuickTime is prone to a remote code-execution vulnerability that affects the 'QTPlugin.ocx' ActiveX control because it fails to sufficiently validate user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful...
OpenSSL Vulnerabilities Sep 2019 – Apr 2020
Summary Symantec Web Security Group WSG products using affected versions of OpenSSL may be susceptible to multiple vulnerabilities. A local or remote attacker can obtain private key or other secret key information. A remote attacker can also cause denial of service. Affected Products The followin...
Microsoft Windows Search Indexer CVE-2020-0626 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...
Apache Xerces-C CVE-2018-1311 Remote Code Execution Vulnerability
Description Apache Xerces-C is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application or cause denial-of-service conditions. Apache Xerces-C versions 3.0.0 through 3.2.2 are vulnerable. Technologies...
Symantec Messaging Gateway CVE-2019-18378 Cross Site Scripting Vulnerability
Description Symantec Messaging Gateway is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
Microsoft Internet Explorer VBScript Engine CVE-2019-1485 Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts may result in a denial of service condition. Internet explorer 9, 10 and 11 are...
Microsoft Git for Visual Studio CVE-2019-1352 Remote Code Execution Vulnerability
Description Microsoft Git for Visual Studio is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...
Linux kernel CVE-2019-19447 Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel 5.0.21 is vulnerable. Technologies Affected Linux kernel 5.0.21 Recommendations Permit local access for trusted individuals only. Where...
Apache cordova-plugin-inappbrowser CVE-2019-0219 Privilege Escalation Vulnerability
Description Apache cordova-plugin-inappbrowser is prone to a privilege-escalation vulnerability. Remote attackers can exploit this issue to gain elevated privileges or execute arbitrary code in the context of the affected application. Versions prior to Apache cordova-plugin-inappbrowser 3.1.0 are...
SAP NetWeaver AS Java CVE-2019-0391 Information Disclosure Vulnerability
Description SAP NetWeaver AS Java is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. SAP NetWeaver AS Java versions 7.10, 7.20, 7.30, 7.31, 7.4 and 7.5 are vulnerable. Technologies Affect...
Adobe Acrobat and Reader CVE-2019-8237 Security Bypass Vulnerability
Description Adobe Acrobat and Reader are prone to a security-bypass vulnerability. Successfully exploiting this issue will allow attackers to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Adobe Acrobat 2017.008.3005...
Microsoft Edge and Internet Explorer CVE-2019-1357 Spoofing Vulnerability
Description Microsoft Edge and Internet Explorer are prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected...
SAP NetWeaver Process Integration CVE-2019-0367 Remote Authorization Bypass Vulnerability
Description SAP NetWeaver Process Integration is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. SAP NetWeaver Process Integration versions 1.0 and 2.0 are vulnerable...
Cisco Security Manager CVE-2019-12630 Java Deserialization Command Execution Vulnerability
Description Cisco Security Manager is prone to a command-execution vulnerability. Attackers can exploit this issue to execute arbitrary commands within the context of the affected device. Failed exploit attempts may result in a denial-of-service condition. This issue is tracked by Cisco Bug ID...
Linux Kernel CVE-2019-18680 Denial of Service Vulnerability
Description Linux Kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel versions 4.4.x prior to 4.4.195 are vulnerable. Technologies Affected Linux kernel 4.4.0-57 Linux kernel 4.4.1 Linux kernel 4.4.105 Linux...
Microsoft Windows Common Log File System CVE-2019-1214 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based...
Apache Commons Beanutils CVE-2019-10086 Remote Security Vulnerability
Description Apache Commons Beanutils is prone to a remote security vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Apache Commons Beanutils 1.9.2, and 1.9.3 are vulnerable. Technologies Affected...
Microsoft Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability
Description Microsoft Azure DevOps Server and Team Foundation Server are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Azure DevOps Server 2019 Microsoft...
Microsoft Open Enclave SDK CVE-2019-0876 Information Disclosure Vulnerability
Description Microsoft Open Enclave SDK is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Open Enclave SDK Recommendations Run all software as a nonprivileged user...
Microsoft Edge Chakra Scripting Engine CVE-2019-0640 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Office CVE-2018-0950 Information Disclosure Vulnerability
Description Microsoft Office is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 Service Pack 2 32-bit editions Microsoft Office 2010 Service Pack 2 64-bi...
Microsoft Windows CLFS CVE-2018-0844 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Failed exploit attempts may result in a denial of service condition; this can result in the attacker gaining complete contro...
Microsoft Windows SMB Server CVE-2018-0833 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1...
Microsoft Windows SMB Server CVE-2017-11815 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Edge CVE-2017-11794 Information Disclosure Vulnerability
Description Microsoft Edge is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Edge Recommendations Run all software as a nonprivileged user with minimal acce...
Microsoft Office SharePoint CVE-2017-11820 Cross Site Scripting Vulnerability
Description Microsoft Office SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
Microsoft Windows CVE-2017-8590 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to run processes with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Syste...
Microsoft Edge CVE-2017-0236 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...
Microsoft Windows Kernel 'Win32k.sys' CVE-2017-0058 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information, bypass certain security restrictions and perform unauthorized actions. Successful exploits may lead to other attacks. Technologies Affect...
Microsoft Internet Explorer and Edge CVE-2017-0037 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 10 and 11 ar...
Microsoft Edge CVE-2016-7206 Information Disclosure Vulnerability
Description Microsoft Edge is prone to an information disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Successful exploits will allow attackers to run arbitrary code and obtain sensitive information that may aid in...