6867 matches found
Microsoft Exchange Server CVE-2018-0940 Remote Privilege Escalation Vulnerability
Description Microsoft Exchange Server is prone to a remote privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Exchange Server 2010 SP3 Update Rollup 20 Microsoft Exchange Server 2013 Cumulative Update 18 Microsoft...
Microsoft Windows Kernel CVE-2017-11851 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Windows DHCP Server CVE-2017-8686 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the system account. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft Windows...
Symantec Messaging Gateway RCE and CSRF
SUMMARY Symantec has released an update to address two issues that were discovered in the Symantec Messaging Gateway SMG. AFFECTED PRODUCTS Symantec Messaging Gateway SMG --- CVE | Affected Versions | Remediation CVE-2017-6327 CVE-2017-6328 | Prior to 10.6.3-267 | Upgrade to 10.6.3-267 ISSUES...
Microsoft Windows CVE-2017-0191 Denial of Service Vulnerability
Description Microsoft Windows is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...
Microsoft Windows Kernel CVE-2017-0103 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R...
Microsoft Windows PDF Library CVE-2017-0023 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsof...
SA135 : OpenSSL Vulnerabilities 10-Nov-2016
SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to cause denial of service and obtain SSL/TLS session key information. AFFECTED PRODUCTS The following products are vulnerable: Director -...
Microsoft Windows Kernel CVE-2016-3371 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...
SA130 : Security Control Bypass Vulnerability in ProxySG, ASG, and CacheFlow
SUMMARY Some HTTP and HTTPS requests may trigger reverse DNS RDNS lookups in ProxySG, ASG, and CacheFlow. When these products are configured with policy rules that use hostnames from RDNS lookup results, such requests may bypass security controls such as blocking a request, requiring user...
SA124 : NSS Vulnerabilities March 2016
SUMMARY Blue Coat products that include affected versions of NSS are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to cause denial of service through application crashes, or to possibly execute arbitrary code. AFFECTED PRODUCTS The following products...
Microsoft Office CVE-2015-6094 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...
Microsoft VBScript and JScript CVE-2015-6052 ASLR Security Bypass Vulnerability
Description Microsoft VBScript and JScript are prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Microsoft Internet Explorer...
Microsoft Windows Adobe Font Driver CVE-2015-2507 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0 Avaya Meeting Exchange - Client...
Microsoft Windows Mount Manager CVE-2015-1769 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges within the context of the affected system. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based...
Microsoft Windows OpenType Fonts CVE-2015-2458 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Window...
Microsoft Windows Server Message Block CVE-2015-2474 Memory Corruption Vulnerability
Description Microsoft Windows is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows Server 2008 for 32-bit Systems...
SA95 : VENOM Vulnerability in Virtualization Platforms
SUMMARY The VENOM vulnerability allows a local guest user in affected virtualized platforms to escape from the virtual environment and execute code on the host. An attacker can use this vulnerability to gain complete access to the host and to the host's local network and adjacent systems. AFFECTE...
Microsoft Windows CVE-2015-1643 Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain admin privileges on a targeted system. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya CallPilot 5.0.1 Avaya CallPilot 5.1.0...
Microsoft Internet Explorer CVE-2015-1661 ASLR Security Bypass Vulnerability
Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Internet Explorer 6, 7, 8, 9, 10, and 11 are...
Microsoft Word CVE-2015-0064 Memory Corruption Vulnerability
Description Microsoft Word is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Office 2010 Service Pack 2...
Symantec Data Center Security: Server Advanced, Multiple Security Issues on Management Server and Pr
SUMMARY The management server for Symantec Critical System Protection SCSP 5.2.9 and Data Center Security: Server Advanced SDCS:SA 6.0.x is susceptible to security issues which could enable privileged access to the management server. Rules in the prevention policies could be bypassed if deployed ...
Microsoft Internet Explorer CVE-2014-2810 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft DirectX DirectPlay CVE-2012-1537 Heap Overflow Remote Code Execution Vulnerability
Description Microsoft DirectX is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted office documents. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user runnin...
Microsoft Data Access Components CVE-2012-1891 Buffer Overflow Vulnerability
Description Microsoft Data Access Components MDAC are prone to a heap-based buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed...
Microsoft Excel Malformed Object CVE-2011-1986 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers could exploit this issue by enticing victims to open a maliciously crafted Excel file. Successful exploits will allow attackers to execute arbitrary code with the privileges of the user running the applicatio...
Oracle Java SE and Java for Business CVE-2010-0094 Remote Java Runtime Environment Vulnerability
Description Oracle Java SE and Java for Business are prone to a remote vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. An attacker does not require privileges to exploit this vulnerability. This vulnerability affects the following supported...
IBM Lotus Domino HTTP Redirect Buffer Overflow Vulnerability
...
Microsoft Windows Common Log File System CVE-2020-0634 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Window...
Broadcom CA Client Automation CVE-2019-19231 Local Privilege Escalation Vulnerability
Description Broadcom CA Client Automation is prone to a local privilege-escalation vulnerability. Local attackers may exploit this issue to execute arbitrary command with elevated privileges on the affected system. Broadcom CA Client Automation versions 14.0, 14.1, 14.2, 14.3 are vulnerable...
Linux Kernel CVE-2019-19769 Local Denial of Service Vulnerability
Description Linux Kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Linux Kernel versions 5.3.10 is vulnerable; other versions may also be affected. Technologies Affected Linux kerne...
Linux Kernel CVE-2019-19533 Local Denial of Service Vulnerability
Description Linux Kernel is prone to a local denial-of-service vulnerability. Local attackers can exploit this issue to cause denial-of-service conditions. Linux Kernel versions prior to 5.3.4 are vulnerable. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0.1 Linux kernel 2.0.10 Linux...
Linux kernel CVE-2019-19448 Use After Free Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel versions 5.0.21 and 5.3.11 are vulnerable. Technologies Affected Linux kernel 5.0.21 Linux kernel 5.3.11 Recommendations Permit local acce...
Pivotal RabbitMQ CVE-2019-11287 Remote Denial of Service Vulnerability
Description Pivotal RabbitMQ is prone to a remote denial-of-service vulnerability because it fails to sufficiently bounds check user supplied data. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Technologies Affected Pivotal RabbitMQ for P...
Linux Kernel CVE-2019-14898 Incomplete Fix Local Race Condition Vulnerability
Description The Linux Kernel is prone to a local race-condition vulnerability. An attacker can exploit this issue to obtain sensitive information and cause a denial-of-service condition. This may lead to other attacks. Technologies Affected Linux kernel 2.6.38 Linux kernel 2.6.38.2 Linux kernel...
Symantec Norton App Lock CVE-2019-18373 Local Security Bypass Vulnerability
Description Symantec Norton App Lock for Android is prone to a local security-bypass vulnerability. Local attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. Norton App Lock versions prior to 1.4.0.503 are...
Intel WIFI Drivers and PROSet/Wireless WiFi Software Multiple Memory Corruption Vulnerabilities
Description Intel WIFI Drivers and PROSet/Wireless WiFi Software are prone to multiple memory-corruption vulnerabilities. A local attacker can leverage these issues to gain elevated privileges, gain sensitive information and cause denial-of-service conditions. Intel WIFI Drivers and PROSet/Wirele...
McAfee Endpoint Security CVE-2019-3652 Local Code Injection Vulnerability
Description McAfee Endpoint Security is prone to a vulnerability that lets attackers inject and execute arbitrary code. Successfully exploiting this issue may allow attackers to inject and execute arbitrary code. This may lead to other attacks. McAfee Endpoint Security ENS versions prior to 10.6....
Juniper Junos CVE-2019-0058 Local Privilege Escalation Vulnerability
Description Juniper Junos is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Juniper Junos 12.3X48 versions prior to 12.3X48-D80 are vulnerable Technologies Affected Juniper Junos 12.3X48 Juniper Junos 12.3X48-D10 Juniper...
Cisco FXOS and Firepower Threat Defense Software Multiple Local Command Injection Vulnerabilities
Description Cisco FXOS and Firepower Threat Defense Software are prone to multiple local command-injection vulnerabilities. An attacker may exploit these issues to inject and execute arbitrary commands on the underlying OS with root privileges. These issues are being tracked by Cisco Bug IDs...
Microsoft SharePoint CVE-2019-1260 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint is prone to a remote privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundati...
Microsoft Windows Network Connectivity Assistant CVE-2019-1287 Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based System...
Microsoft Windows GDI Component CVE-2019-1100 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems...
Microsoft Internet Explorer Scripting Engine CVE-2019-1056 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Internet...
Microsoft Windows Kernel CVE-2019-1067 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based...
Microsoft Edge Chakra Scripting Engine CVE-2019-0922 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows Admin Center CVE-2019-0813 Privilege Escalation Vulnerability
Description Microsoft Windows Admin Center is prone to a privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows Admin Center Recommendations Block external access at the network boundary, unless external parties...
Microsoft Windows Hyper-V CVE-2019-0701 Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial of service vulnerability. An attacker can exploit this issue to crash the host machine, resulting in a denial of service condition. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft...
Microsoft Internet Explorer CVE-2019-0761 Security Bypass Vulnerability
Description Microsoft Windows is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Microsoft Internet Explorer 10 Microsoft Interne...
Microsoft Windows Data Sharing Service CVE-2019-0573 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windo...