6867 matches found
Symantec Messaging Gateway CVE-2019-18378 Cross Site Scripting Vulnerability
Description Symantec Messaging Gateway is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
Linux kernel CVE-2019-19447 Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel 5.0.21 is vulnerable. Technologies Affected Linux kernel 5.0.21 Recommendations Permit local access for trusted individuals only. Where...
Apache cordova-plugin-inappbrowser CVE-2019-0219 Privilege Escalation Vulnerability
Description Apache cordova-plugin-inappbrowser is prone to a privilege-escalation vulnerability. Remote attackers can exploit this issue to gain elevated privileges or execute arbitrary code in the context of the affected application. Versions prior to Apache cordova-plugin-inappbrowser 3.1.0 are...
Multiple F5 BIG-IP Products CVE-2019-6671 Memory Leak Denial of Service Vulnerability
Description Multiple F5 BIG-IP Products are prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial of service condition. Technologies Affected F5 BIG-IP AAM 13.1.0 F5 BIG-IP AAM 13.1.3 F5 BIG-IP AAM 14.0.0 F5 BIG-IP AAM 14.0.1 F5 BIG-IP AAM 14.1.0 F5 BIG-IP...
Fortinet FortiGate CVE-2019-6697 HTML Injection Vulnerability
Description Fortinet FortiGate is prone to an HTML injection vulnerability because it fails to sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based...
Microsoft Windows Defender CVE-2019-1161 Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on the system. Technologies Affected Microsoft Forefront Endpoint Protection 2010 Microsoft Security Essentials Microsoft System Center 2012 Endpoint...
Microsoft Windows CVE-2019-1074 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on the system or gain unauthorized access. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft...
Microsoft Windows 'DirectWrite' API CVE-2019-1123 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsof...
Microsoft Windows JET Database Engine CVE-2019-0899 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows Kernel 'Win32k.sys' CVE-2019-0656 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for x64-based...
Symantec Ghost Solution Suite DLL Hijack
SUMMARY Symantec has released an update to address an issue that was discovered in the Ghost Solution Suite GSS product. AFFECTED PRODUCTS Ghost Solution Suite GSS --- CVE | Affected Versions | Remediation CVE-2018-18364 | Prior to 3.3 RU1 | Upgrade to 3.3 RU1 ISSUES CVE-2018-18364 ---...
Microsoft Windows JET Database Engine CVE-2019-0576 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Jet Database Engine CVE-2018-8393 Buffer Overflow Vulnerability
Description Microsoft Jet Database Engine is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary code in the context of an affect...
Microsoft Macro Assembler CVE-2018-8232 Security Bypass Vulnerability
Description Microsoft Macro Assembler is prone to a security bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions; this may aid in launching further attacks. Technologies Affected Microsoft Visual Studio 2017 15.7.5 Microsoft Visual Studio 2017 15.8...
Microsoft SharePoint Server CVE-2018-8149 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsof...
Microsoft Windows GDI Component CVE-2018-0815 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code within the context of the kernel privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based...
Microsoft Windows SMB Server CVE-2018-0833 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1...
Microsoft Windows Shell CVE-2017-11819 Remote Code Execution Vulnerability
Description Microsoft Windows Shell is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the current user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 7 for 32-bit System...
Microsoft Windows SMB Server CVE-2017-11815 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Edge CVE-2017-11794 Information Disclosure Vulnerability
Description Microsoft Edge is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Edge Recommendations Run all software as a nonprivileged user with minimal acce...
Microsoft Office SharePoint CVE-2017-11820 Cross Site Scripting Vulnerability
Description Microsoft Office SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
Microsoft Windows CVE-2017-8590 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to run processes with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Syste...
Microsoft Edge CVE-2017-0236 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...
Microsoft Office CVE-2017-0052 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
Microsoft Windows DirectShow CVE-2017-0042 Information Disclosure Vulnerability
Description Microsoft Windows DirectShow is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Internet Explorer and Edge CVE-2017-0037 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 10 and 11 ar...
Microsoft Office CVE-2016-7266 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft Exc...
Microsoft Windows Graphics Component CVE-2016-3393 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10...
SA129 : Multiple libxml2 Vulnerabilities
SUMMARY Blue Coat products that include a vulnerable version of the libxml2 library are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code and cause denial of service through memory corruption. AFFECTED PRODUCTS The following...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-0174 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...
Microsoft Windows PGM Protocol CVE-2015-6126 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges on a targeted system. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Window...
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-2433 Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information, bypass certain security restrictions and perform unauthorized actions. Successful exploits may lead to other attacks. Technologies Affect...
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-2381 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to disclose kernel memory and obtain sensitive information that may aid in further attacks. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5...
Microsoft VBScript and JScript CVE-2015-1686 ASLR Security Bypass Vulnerability
Description Microsoft VBScript and JScript are prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Avaya CallPilot 4.0 Avaya...
Microsoft Internet Explorer CVE-2014-6368 ASLR Security Bypass Vulnerability
Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Internet Explorer 11 is vulnerable. Technologies...
Microsoft Internet Explorer CVE-2014-2823 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft Windows Kernel 'Win32k.sys' CVE-2014-0300 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and gain access to kernel memory. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura Conferencing...
Microsoft DirectShow CVE-2014-0301 Remote Code Execution Vulnerability
Description Microsoft DirectShow is prone to a remote code-execution vulnerability. Successful exploits allow remote attackers to execute arbitrary code in the context of the user running the application that uses DirectShow. Failed exploit attempts will result in a denial-of-service condition...
Microsoft Windows Kernel 'portcls.sys' CVE-2013-3907 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the audio port-class driver. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and gain access to kernel memory. Technologies Affected Avaya Aura Conferenci...
Microsoft Windows CVE-2012-0181 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers or cause denial of servi...
Microsoft Windows Ancillary Function Driver CVE-2012-0149 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Technologies Affected Avaya Aura...
Microsoft Windows TCP/IP ICMP CVE-2011-1871 Remote Denial Of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to restart the affected system, therefore denying service to legitimate users. Technologies Affected Avaya Conferencing Standard Edition 6.0 Avaya Conferencing Standard Edition 6...
OpenSSL Vulnerabilities Sep 2019 – Apr 2020
Summary Symantec Web Security Group WSG products using affected versions of OpenSSL may be susceptible to multiple vulnerabilities. A local or remote attacker can obtain private key or other secret key information. A remote attacker can also cause denial of service. Affected Products The followin...
Microsoft Windows Search Indexer CVE-2020-0626 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...
Oracle Siebel CRM CVE-2020-2559 Remote Security Vulnerability
Description Oracle Siebel CRM is prone to a remote security vulnerability. This vulnerability affects the 'UIF Open UI' component and can be exploited over the 'HTTP' protocol. This vulnerability affects the following supported versions: 19.7 and prior Technologies Affected Oracle Siebel UI...
Microsoft Internet Explorer VBScript Engine CVE-2019-1485 Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts may result in a denial of service condition. Internet explorer 9, 10 and 11 are...
Microsoft Git for Visual Studio CVE-2019-1352 Remote Code Execution Vulnerability
Description Microsoft Git for Visual Studio is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...
SAP NetWeaver AS Java CVE-2019-0391 Information Disclosure Vulnerability
Description SAP NetWeaver AS Java is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. SAP NetWeaver AS Java versions 7.10, 7.20, 7.30, 7.31, 7.4 and 7.5 are vulnerable. Technologies Affect...
Joomla! Core CVE-2019-18674 Information Disclosure Vulnerability
Description Joomla! Core is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Joomla! Core versions 3.6.0 through 3.9.12 are vulnerable. Technologies Affected Joomla Joomla! 3.2 Joomla...
Adobe Acrobat and Reader CVE-2019-8237 Security Bypass Vulnerability
Description Adobe Acrobat and Reader are prone to a security-bypass vulnerability. Successfully exploiting this issue will allow attackers to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Adobe Acrobat 2017.008.3005...