6867 matches found
Microsoft Windows Kernel CVE-2018-8224 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft...
Microsoft Office CVE-2018-8247 Privilege Escalation Vulnerability
Description Microsoft Office is prone to a privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Office Online Server 2016 Microsoft Office Web Apps Server 2013 SP1 Recommendations Run all software as a nonprivileged...
Microsoft Windows Desktop Bridge VFS CVE-2018-0877 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code within the context of the affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versio...
Microsoft Windows GDI Component CVE-2018-0817 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code within the context of the kernel privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Excel CVE-2017-11935 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft SharePoint CVE-2017-11936 Privilege Escalation Vulnerability
Description Microsoft SharePoint is prone to a privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft SharePoint Enterprise Server 2016 Recommendations Run all software as a nonprivileged user with minimal access rights...
OWASP AntiSamy CVE-2017-14735 Cross Site Scripting Vulnerability
Description OWASP AntiSamy is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the...
Microsoft Edge CVE-2017-8735 Spoofing Vulnerability
Description Microsoft Edge is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Edge...
Microsoft Internet Explorer CVE-2017-0064 Security Bypass Vulnerability
Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. This could allow the attacker to bypass certain security restrictions. This may lead to othe...
Microsoft Office CVE-2017-0030 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
Microsoft Internet Explorer CVE-2017-0018 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...
Symantec Endpoint Protection Multiple Security Issues
SUMMARY Symantec Endpoint Protection SEP was susceptible to a number of security vulnerabilities potentially resulting in a user being able to leverage elevated privilege or access to unauthorized files on the management console. Additionally, a race condition in the device control of a SEP clien...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-0173 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsof...
Microsoft Office CVE-2016-0122 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...
Microsoft Windows Graphics Component CVE-2016-0145 Memory Corruption Vulnerability
Description Microsoft Windows is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft .NET Framework 3.0 SP2...
Microsoft Windows CVE-2016-0087 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with SYSTEM privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft...
Microsoft Windows CVE-2016-0009 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft...
Microsoft VBScript and JScript CVE-2015-6055 Multiple Remote Memory Corruption Vulnerabilities
Description Microsoft VBScript and JScript are prone to multiple remote memory-corruption vulnerabilities. Attackers can exploit these issues by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit these issues to execute arbitrary code in the context of the...
Microsoft Internet Explorer CVE-2015-2483 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successful exploits will allow attackers to obtain sensitive information that may aid in further...
Microsoft Windows OpenType Fonts CVE-2015-2506 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges and execute arbitrary code on affected system. Note: This issue was previously titled 'Microsoft Windows OpenType Fonts CVE-2015-2506 Denial of...
Microsoft Office CVE-2015-2521 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...
Microsoft VBScript CVE-2015-2372 Remote Code Execution Vulnerability
Description Microsoft VBScript is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-2365 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya CallPilot 5.0....
Microsoft Internet Explorer CVE-2015-1735 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-1768 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges within the context of another user. Technologies Affected Microsoft Windows Server 2003 Itanium SP2 Microsoft Windows...
Microsoft Internet Explorer CVE-2015-1741 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2015-1717 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows 'Win32k.sys' CVE-2015-0059 Remote Code Execution Vulnerability
Description Microsoft Windows kernel is prone to a remote code-execution vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into opening a specially malformed TrueType font. Successful exploits can allow attackers to execute arbitrary code with kernel-level...
Microsoft Internet Explorer CVE-2015-0070 Cross Domain Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to view content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information or aid in further...
Microsoft Windows Kernel 'mrxdav.sys' CVE-2015-0011 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to bypass impersonation security levels and gain elevated privileges on the affected system. Technologies Affected Avaya Aura Conferencing Standard Edition 6.0 Avaya...
Microsoft Excel CVE-2014-6360 Memory Corruption Vulnerability
Description Microsoft Excel is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Excel 2007 SP3 Microsoft...
Microsoft Internet Explorer CVE-2014-6337 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft .NET Framework CVE-2014-4122 ASLR Security Bypass Vulnerability
Description Microsoft .NET Framework is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilo...
Microsoft Internet Explorer CVE-2014-4055 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft SQL Server Master Data Services CVE-2014-1820 Cross Site Scripting Vulnerability
Description Microsoft SQL Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. Technologie...
Microsoft Windows Kernel 'Win32k.sys' CVE-2014-0262 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with escalated privileges. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura Conferenci...
Microsoft Windows 'Win32k.sys' CVE-2013-3903 Denial Of Serivce Vulnerability
Description Microsoft Windows is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the system to stop responding, denying service to legitimate users. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura Conferencing 6.0 Standard Avaya Au...
Microsoft Windows DirectAccess CVE-2013-3876 Security Bypass Vulnerability
Description Microsoft Windows DirectAccess is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and impersonate a legitimate server to perform man-in-the-middle attacks. Successfully exploiting this issue allows attackers to obtai...
Microsoft Windows Common Control Library CVE-2013-3195 Remote Code Execution Vulnerability
Description Microsoft Windows Common Control Library 'Comctl32.dll' is prone to a remote code-execution vulnerability. Successful exploits will allow the attacker to execute arbitrary code in the context of the affected application, which can compromise the application, and possibly, the computer...
Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3879 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...
Microsoft SharePoint CVE-2013-1330 Remote Code Execution Vulnerability
Description Microsoft SharePoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the guest account on the SharePoint server. Failed exploit attempts will result in a denial-of-service condition. Technologies...
Microsoft Windows Uniscribe Font Parsing CVE-2013-3181 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability when handling crafted font data. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file or webpage. A successful exploit may allow arbitrary code to run in the context of the...
Microsoft Windows OpenType Font (OTF) Driver CVE-2012-2556 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will result in the execution of arbitrary code in the kernel-mode. Failed attempts will cause a denial-of-service condition. Technologies Affected Microsoft Windows 7 for 32-bit Systems Microsoft...
Microsoft Windows Kernel 'Win32k.sys' CVE-2012-2530 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Windows CVE-2012-1893 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...
Microsoft Windows CVE-2012-1890 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...
Microsoft .NET Framework Input Serialization CVE-2012-0160 Remote Code Execution Vulnerability
Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting victim to run a malicious .NET application or visit a site that hosts the malicious content as an Extensible Application Markup Language XAML...
Microsoft Word CVE-2012-0183 RTF Data Handling Remote Memory Corruption Vulnerability
Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft GDI+ CVE-2012-0165 EMF Image Processing Remote Code Execution Vulnerability
Description Microsoft GDI+ is prone to a remote code-execution vulnerability that occurs when an application using the library tries to process a specially crafted Enhanced Metafile EMF image. An attacker can exploit this issue to execute arbitrary code with the privileges of the currently...
Microsoft Windows Kernel CVE-2011-1971 Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. A remote attacker can exploit this issue to crash the Windows kernel, denying service to legitimate users. Technologies Affected Avaya Aura Conferencing 6.0 Standard Microsoft Windows 7 for 32-bit Systems Microsof...