6867 matches found
Microsoft Internet Explorer and Edge CVE-2019-0940 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsof...
Microsoft Edge Chakra Scripting Engine CVE-2019-0925 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Office CVE-2019-0801 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Windows DHCP Client CVE-2019-0726 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successfully exploiting this issue may result in the execution of arbitrary code in the context of the affected system. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affecte...
Microsoft Windows VBScript Engine CVE-2019-0772 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version...
Microsoft Windows GDI+ Component CVE-2019-0618 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Successful exploitatio...
Microsoft Windows Human Interface Devices CVE-2019-0601 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 f...
Spring Framework CVE-2018-15756 Denial-Of-Service Vulnerability
...
Microsoft Windows XML Core Services MSXML parser CVE-2018-8420 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected Microsoft Windows ...
Microsoft Exchange Server CVE-2018-0941 Information Disclosure Vulnerability
Description Microsoft Exchange Server is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Exchange Server 2016 Cumulative Update 7 Microsoft Exchange Server...
Microsoft Exchange Server CVE-2018-0940 Remote Privilege Escalation Vulnerability
Description Microsoft Exchange Server is prone to a remote privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Exchange Server 2010 SP3 Update Rollup 20 Microsoft Exchange Server 2013 Cumulative Update 18 Microsoft...
SA157: OpenSSL Vulnerabilities 28-Aug-2017 and 2-Nov-2017
SUMMARY Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities. A remote attacker can send a crafted X.509 certificate to cause unspecified impact. They can exploit, under certain circumstances, a computational flaw in the Montgomery...
Microsoft Windows Kernel CVE-2017-11851 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Windows DHCP Server CVE-2017-8686 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the system account. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft Windows...
Symantec Messaging Gateway Multiple Vulnerabilities
SUMMARY Symantec has released an update to address three issues that were discovered in the Symantec Messaging Gateway SMG. AFFECTED PRODUCTS Symantec Messaging Gateway SMG --- CVE | Affected Versions | Remediation CVE-2017-6326 CVE-2017-6324 CVE-2017-6325 | Prior to 10.6.3 | Upgrade to 10.6.3 an...
Microsoft Outlook CVE-2017-8507 Memory Corruption Vulnerability
Description Microsoft Outlook is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
Microsoft SharePoint CVE-2017-0255 Cross Site Scripting Vulnerability
Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
Microsoft Windows CVE-2017-0191 Denial of Service Vulnerability
Description Microsoft Windows is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...
Microsoft Office CVE-2017-0105 Information Disclosure Vulnerability
Description Microsoft Office is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2 Microsoft...
Microsoft Office CVE-2017-0019 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
Microsoft Windows Kernel CVE-2017-0103 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R...
Microsoft Windows Input Method Editor CVE-2016-7221 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated system privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems...
Microsoft Windows Kernel CVE-2016-3371 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-3309 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-0167 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...
SA113 : January 2016 NTP Security Vulnerabilities
SUMMARY Blue Coat products using affected versions of the NTP software distribution from ntp.org are susceptible to multiple vulnerabilities. A remote attacker may exploit these vulnerabilities to set the victim's system time to an arbitrary value or cause it to become out of sync. The attacker c...
Microsoft Windows CVE-2015-6131 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Window...
Microsoft Office CVE-2015-6094 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...
Microsoft VBScript and JScript CVE-2015-6052 ASLR Security Bypass Vulnerability
Description Microsoft VBScript and JScript are prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Microsoft Internet Explorer...
Microsoft Windows Mount Manager CVE-2015-1769 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges within the context of the affected system. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based...
Microsoft Windows OpenType Fonts CVE-2015-2458 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Window...
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-2382 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to disclose kernel memory and obtain sensitive information that may aid in further attacks. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5...
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
Description Adobe Flash Player is prone to a remote memory-corruption vulnerability because of a use-after-free error. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a...
Microsoft Internet Explorer CVE-2015-1661 ASLR Security Bypass Vulnerability
Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Internet Explorer 6, 7, 8, 9, 10, and 11 are...
Microsoft Windows CVE-2015-1643 Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain admin privileges on a targeted system. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya CallPilot 5.0.1 Avaya CallPilot 5.1.0...
Microsoft Word CVE-2015-0064 Memory Corruption Vulnerability
Description Microsoft Word is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Office 2010 Service Pack 2...
Microsoft Internet Explorer CVE-2014-6366 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2014-2810 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
IBM Lotus Notes CVE-2013-2977 Integer Overflow Vulnerability
Description IBM Lotus Notes is prone to an integer-overflow vulnerability. Successful exploits may allow attackers to execute arbitrary code in the context of affected applications. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected IBM Lotus Notes 8...
Microsoft Windows 'Win32k.sys' CVE-2013-1283 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura Conferencing 6.0.0...
Microsoft Remote Desktop Protocol CVE-2012-2526 Remote Code Execution Vulnerability
Description Microsoft Remote Desktop Protocol is prone to a remote code-execution vulnerability. Successful exploits will allow the attacker to execute arbitrary code in the context of the affected process. This may facilitate a complete system compromise. Failed attacks may cause denial-of-servi...
Oracle Java SE and Java for Business CVE-2010-0094 Remote Java Runtime Environment Vulnerability
Description Oracle Java SE and Java for Business are prone to a remote vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. An attacker does not require privileges to exploit this vulnerability. This vulnerability affects the following supported...
Microsoft GDI+ WMF Image File Buffer Overflow Vulnerability
Description Microsoft GDI+ is prone to a buffer-overflow vulnerability because the vector graphics linked library improperly allocates memory when parsing WMF image files. Successfully exploiting this issue would allow an attacker to corrupt memory and execute arbitrary code in the context of the...
IBM Lotus Domino HTTP Redirect Buffer Overflow Vulnerability
...
Session Hijacking Vulnerability in ProxySG and ASG
Summary The ASG and ProxySG management consoles are susceptible to a session hijacking vulnerability. A remote attacker, with access to the appliance management interface, can hijack the session of a currently logged-in user and access the management console. Affected Products Advanced Secure...
Symantec Endpoint Protection Multiple Issues
Summary Symantec has released updates to address issues that were discovered in the Symantec Endpoint Protection SEP, Symantec Endpoint Protection Manager SEPM, and Symantec Endpoint Protection Small Business Edition SEP SBE products. At this time, Symantec is not aware of any exploitations or...
SAP Disclosure Management CVE-2020-6303 Input Validation Security Vulnerability
Description SAP Disclosure Management is prone to a security vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to obtain sensitive information, access or modify data within the context of the affected application; this may aid in further...
Microsoft Windows Common Log File System CVE-2020-0634 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Window...
OpenBSD CVE-2019-19726 Local Privilege Escalation Vulnerability
Description OpenBSD is prone to a local privilege escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. OpenBSD versions 6.1, 6.2, 6.5 and 6.6 are vulnerable. Other versions may also be affected. Technologies Affected OpenBSD Openbsd 6.1 OpenBSD Openbsd 6....
Linux Kernel CVE-2019-19533 Local Denial of Service Vulnerability
Description Linux Kernel is prone to a local denial-of-service vulnerability. Local attackers can exploit this issue to cause denial-of-service conditions. Linux Kernel versions prior to 5.3.4 are vulnerable. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0.1 Linux kernel 2.0.10 Linux...