6867 matches found
Microsoft Edge Chakra Scripting Engine CVE-2019-1308 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows DHCP Client CVE-2019-0736 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successfully exploiting this issue may result in the execution of arbitrary code in the context of the affected system. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affecte...
Microsoft Windows JET Database Engine CVE-2019-1155 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit editi...
Microsoft Windows 'DirectWrite' API CVE-2019-1097 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Windows Hyper-V CVE-2019-0966 Denial of Service Vulnerability
Description Microsoft Windows is prone to a denial of service vulnerability. An attacker can exploit this issue to crash the host machine, resulting in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1803 fo...
Microsoft Internet Explorer and Edge Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsof...
Microsoft Windows LUAFV Driver CVE-2019-0731 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 1...
Microsoft Windows GDI+ Component CVE-2019-0853 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected...
Microsoft Windows Common Control Library CVE-2019-0765 Remote Code Execution Vulnerability
Description Microsoft Windows Common Control Library 'Comctl32.dll' is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service...
Microsoft Edge Chakra Scripting Engine CVE-2019-0644 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows JET Database Engine CVE-2019-0581 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8641 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Microsoft Windows DNS Server CVE-2018-8626 Heap Buffer Overflow Vulnerability
Description Microsoft Windows is prone to a heap-based buffer-overflow vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies...
Microsoft Windows Kernel CVE-2018-8455 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based...
Microsoft Windows DirectX Graphics Kernel CVE-2018-8401 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to run processes with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Syste...
Apache Axis CVE-2018-8032 Cross-Site Scripting Vulnerability
Description Apache Axis is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the...
Microsoft Access CVE-2018-8312 Remote Code Execution Vulnerability
Description Microsoft Access is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed exploit attempts may result in a denial of service condition; this can result in the attacker gaining complete...
SA160: Return of the Bleichenbacher Oracle Threat (ROBOT)
SUMMARY Symantec Network Protection products using affected SSL/TLS server implementations and RSA key exchange are susceptible to a variation of the Bleichenbacher adaptive chosen ciphertext attack. A remote attacker, who has captured a pre-recorded encrypted SSL session to the target, can...
Microsoft Excel CVE-2018-1029 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Windows Device Guard CVE-2018-0827 Local Security Bypass Vulnerability
Description Microsoft Windows is prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft Windows 10 version 1703 for 32-bit Systems...
SA155: Multiple ASG and ProxySG Vulnerabilities
SUMMARY The Symantec ASG and ProxySG management consoles are susceptible to multiple vulnerabilities. A remote attacker can, under certain circumstances, obtain sensitive authentication credential information, redirect target users to malicious sites, and inject arbitrary JavaScript code into the...
Microsoft SharePoint Server CVE-2018-0790 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attackers may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microso...
Microsoft Office Outlook CVE-2017-11939 Information Disclosure Vulnerability
Description Microsoft Office Outlook is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Outlook 2016 Click-to-Run C2R for 32-bit edition Microsoft Outlook 2016...
Microsoft Exchange Server CVE-2017-11932 Spoofing Vulnerability
Description Microsoft Exchange Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. The following versions are affected:...
Microsoft Internet Explorer CVE-2017-11887 Information Disclosure Vulnerability
Description Microsoft Internet Explorer are prone to an information-disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Successful exploits will allow attackers to obtain sensitive information that may aid in further...
Microsoft Excel CVE-2017-11878 Memory Corruption Vulnerability
Description Microsoft Excel is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Excel 2007 SP3 Microsoft...
Microsoft Windows Search CVE-2017-11772 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Edge Scripting Engine CVE-2017-11799 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Office CVE-2017-8567 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Edge CVE-2017-8599 Security Bypass Vulnerability
Description Microsoft Edge is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Microsoft Edge Recommendations Block external acces...
Microsoft Edge CVE-2017-8601 Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Edge Recommendations...
Microsoft Edge CVE-2017-8520 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Edge Recommendations...
Microsoft Windows Kernel CVE-2017-0297 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...
Microsoft Windows Kernel 'Win32k.sys' CVE-2017-8475 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...
Microsoft Edge CVE-2017-0221 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...
Microsoft Outlook for Mac CVE-2017-0207 Spoofing Vulnerability
Description Microsoft Outlook for Mac is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Outloo...
Microsoft Windows Uniscribe CVE-2017-0128 Information Disclosure Vulnerability
Description Microsoft Windows Uniscribe is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-bas...
Microsoft Windows Uniscribe CVE-2017-0114 Information Disclosure Vulnerability
Description Microsoft Windows Uniscribe is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-bas...
Microsoft Edge CVE-2017-0069 Spoofing Vulnerability
Description Microsoft Edge is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Edge...
Microsoft Office CVE-2017-0029 Denial of Service Vulnerability
Description Microsoft Office is prone to a remote denial of service vulnerability. Attackers can exploit this issue to cause the affected application to stop responding, denying service to legitimate users. Technologies Affected Microsoft Office 2010 Service Pack 2 32-bit editions Microsoft Offic...
Microsoft Windows Animation Manager CVE-2016-7205 Memory Corruption Vulnerability
Description Microsoft Windows is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for...
Microsoft Windows Graphics Component CVE-2016-3263 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Live Meeting 2007 Console Microsoft Lync 2010 32-bit Microsoft Lync 2010...
Microsoft Windows Kernel CVE-2016-3305 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...
Microsoft Office CVE-2016-0141 Information Disclosure Vulnerability
Description Microsoft Application Virtualization is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2007 SP3 Microsoft Office 2010 Service Pack 2 32-bit...
Microsoft Office CVE-2016-3362 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...
Microsoft Windows Netlogon CVE-2016-3300 Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the affected system. Technologies Affected Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Syste...
Microsoft Windows Netlogon CVE-2016-3228 Memory Corruption Vulnerability
Description Microsoft Windows is prone to a memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Symantec Embedded Security: Critical System Protection and Symantec Data Center Security: Server Adv
SUMMARY Symantec Embedded Security: Critical System Protection SES:CSP and Data Center Security: Server Advanced SDCS:SA were susceptible to security issues in the management server and deployed agents which could enable unauthorized elevated access, bypassing security protection on agents,...
Microsoft Windows Hyper-V CVE-2016-0089 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 for x64-based Systems Microsoft Windows 8.1 for x64-based Syste...
Microsoft Windows USB Mass Storage CVE-2016-0133 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Technologies Affected Microsoft...