6867 matches found
Linux Kernel CVE-2019-19533 Local Denial of Service Vulnerability
Description Linux Kernel is prone to a local denial-of-service vulnerability. Local attackers can exploit this issue to cause denial-of-service conditions. Linux Kernel versions prior to 5.3.4 are vulnerable. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0.1 Linux kernel 2.0.10 Linux...
Google Chrome Prior to 79.0.3945.117 Use After Free Vulnerability
Description Google Chrome is prone to a use-after-free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the browser, or cause denial-of-service conditions. Versions prior to Chrome 79.0.3945.117 are vulnerable. Technologies Affected Google Chrome 0.1.38....
Microsoft Azure Stack CVE-2019-1234 Spoofing Vulnerability
Description Microsoft Azure Stack is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Azure Stac...
Microsoft Internet Explorer VBScript Engine CVE-2019-1390 Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts may result in a denial of service condition. Internet explorer 9, 10, and 11 are...
libarchive CVE-2019-18408 Arbitrary Code Execution Vulnerability
Description libarchive is prone to an arbitrary code-execution vulnerability. Attackers may leverage this issue to execute arbitrary code on the affected system. Failed attacks will cause denial-of-service conditions. Technologies Affected Ubuntu Ubuntu Linux 14.04 ESM Ubuntu Ubuntu Linux 16.04 L...
Broadcom Brocade SANnav CVE-2019-16206 Information Disclosure Vulnerability
Description Broadcom Brocade SANnav is prone to an information disclosure vulnerability Successfully exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks or cause a denial-of-service condition. Versions prior to Brocade SANnav 2.0 are...
Oracle Java SE/Java SE Embedded CVE-2019-2973 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'JAXP' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13; Java S...
Oracle Web Services CVE-2019-2907 Remote Security Vulnerability
Description Oracle Web Services is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'SOAP with Attachments API for Java' component is affected. This vulnerability affects the following supported versions: 12.2.1.3.0 Technologies Affected...
McAfee Endpoint Security CVE-2019-3652 Local Code Injection Vulnerability
Description McAfee Endpoint Security is prone to a vulnerability that lets attackers inject and execute arbitrary code. Successfully exploiting this issue may allow attackers to inject and execute arbitrary code. This may lead to other attacks. McAfee Endpoint Security ENS versions prior to 10.6....
Microsoft Windows CVE-2019-1339 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-bas...
Cisco FXOS and Firepower Threat Defense Software Multiple Local Command Injection Vulnerabilities
Description Cisco FXOS and Firepower Threat Defense Software are prone to multiple local command-injection vulnerabilities. An attacker may exploit these issues to inject and execute arbitrary commands on the underlying OS with root privileges. These issues are being tracked by Cisco Bug IDs...
Redhat Undertow CVE-2019-10212 Information Disclosure Vulnerability
Description Redhat Undertow is prone to an information-disclosure vulnerability. Successfully exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks. Undertow versions 2.0.20 and prior are vulnerable. Technologies Affected Redhat JBoss Data Gri...
Microsoft SharePoint CVE-2019-1260 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint is prone to a remote privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundati...
Microsoft Git for Visual Studio CVE-2019-1211 Local Privilege Escalation Vulnerability
Description Microsoft Git for Visual Studio is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to gain elevated privileges. Technologies Affected Microsoft Visual Studio 2017 15.9 Microsoft Visual Studio 2017 Microsoft Visual Studio 2019 16.0 Microsof...
Microsoft Windows Remote Desktop Services CVE-2019-1222 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 Version 1803 f...
Microsoft Windows GDI Component CVE-2019-1100 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems...
Microsoft Internet Explorer Scripting Engine CVE-2019-1056 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Internet...
Microsoft Azure DevOps Server and Team Foundation Server Cross Site Scripting Vulnerability
Description Microsoft Azure DevOps Server and Team Foundation Server are prone to an cross-site scripting vulnerability because they fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Microsoft Windows LUAFV Driver CVE-2019-0836 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 1...
Microsoft Internet Explorer Scripting Engine CVE-2019-0835 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Recommendation...
Microsoft Windows CSRSS CVE-2019-0735 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges on the affected system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft...
Microsoft Windows Graphics Component CVE-2019-0822 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code on a target system. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft Office 2016 for Mac...
Linux Kernel CVE-2019-19966 Denial of Service Vulnerability
Description Linux Kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Versions prior to Linux kernel 5.1.6 are vulnerable. Technologies Affected Linux kernel 2.6.0 Linux kernel 2.6.1 Linux kernel 2.6.11 .11 Linux kernel...
Microsoft Office Access Connectivity Engine CVE-2019-0672 Remote Code Execution Vulnerability
Description Microsoft Office Access Connectivity Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Office 2010 Service Pack 2 32-bit editions Microsoft Office...
Microsoft Windows Data Sharing Service CVE-2019-0573 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windo...
Microsoft Windows COM CVE-2019-0552 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windo...
Microsoft Edge CVE-2019-0566 Remote Privilege Escalation Vulnerability
Description Microsoft Edge is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Edge Recommendations Block external access at the network boundary, unless external parties require service. Filter...
Microsoft Windows Data Sharing Service CVE-2019-0574 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windo...
Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8639 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Microsoft .NET Framework CVE-2018-8517 Remote Denial of Service Vulnerability
Description Microsoft .NET Framework is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial of service condition. Technologies Affected Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.5.2 Microsoft .NET...
Microsoft Windows Hyper-V CVE-2018-0965 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the host operating system. Failed exploit attempts will result in a denial of service condition. Technologies Affected Microsoft Hyper-V...
Microsoft Windows 'Win32k.sys' Graphics CVE-2018-8332 Remote Code Execution Vulnerability
Description Microsoft Windows kernel is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected Microsoft...
Microsoft Windows PowerShell CVE-2018-8327 Remote Code Execution Vulnerability
Description Microsoft Windows PowerShell is prone to a remote code-execution vulnerability. Successfully exploiting this issue may result in the execution of arbitrary code in the context of the affected process. Failed exploit attempts will likely result in denial-of-service conditions...
Microsoft Skype for Business and Lync CVE-2018-8311 Remote Code Execution Vulnerability
Description Microsoft Skype for Business and Lync are prone to a remote code-execution vulnerability. Successfully exploiting this issue may result in the execution of arbitrary code in the context of the current user. Failed exploit attempts will likely result in denial-of-service conditions...
Spring Security and Spring Framework CVE-2018-1258 Authorization Bypass Vulnerability
...
Microsoft Office CVE-2018-0812 Memory Corruption Vulnerability
Description Microsoft Office is prone to a memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Symantec Messaging Gateway RCE and CSRF
SUMMARY Symantec has released an update to address two issues that were discovered in the Symantec Messaging Gateway SMG. AFFECTED PRODUCTS Symantec Messaging Gateway SMG --- CVE | Affected Versions | Remediation CVE-2017-6327 CVE-2017-6328 | Prior to 10.6.3-267 | Upgrade to 10.6.3-267 ISSUES...
Microsoft Windows Kernel 'Win32k.sys' CVE-2017-8593 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Failed exploit attempts may result in a denial of service condition; this can result in the attacker gaining complete contro...
Microsoft Office CVE-2017-8511 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft SharePoint Server CVE-2017-8551 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attackers may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microso...
Microsoft Windows Kernel CVE-2017-0258 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...
Microsoft Windows SMB Server CVE-2017-0273 Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microso...
Microsoft Office CVE-2017-0197 DLL Loading Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Windows PDF Library CVE-2017-0023 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsof...
SA135 : OpenSSL Vulnerabilities 10-Nov-2016
SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to cause denial of service and obtain SSL/TLS session key information. AFFECTED PRODUCTS The following products are vulnerable: Director -...
Microsoft Windows Media Foundation CVE-2016-7217 Memory Corruption Vulnerability
Description Microsoft Windows is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for...
Microsoft Office CVE-2016-7234 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
Microsoft Windows Kernel CVE-2016-7216 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R...
Microsoft Windows CVE-2016-3369 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 version 1511...
Microsoft OneNote CVE-2016-3315 Information Disclosure Vulnerability
Description Microsoft OneNote is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft OneNote 2007 SP3 Microsoft OneNote 2010 Service Pack 2 32-bit editions...