6867 matches found
Microsoft Windows Kernel CVE-2011-1971 Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. A remote attacker can exploit this issue to crash the Windows kernel, denying service to legitimate users. Technologies Affected Avaya Aura Conferencing 6.0 Standard Microsoft Windows 7 for 32-bit Systems Microsof...
Microsoft Remote Desktop Web Access CVE-2011-1263 Cross Site Scripting Vulnerability
Description Microsoft Remote Desktop Web Access is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1237) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0672) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Windows CSRSS (CVE-2011-0030) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to retain certain processes that may aid in attacks against subsequent users. Successfully exploiting this issue may aid in the complete compromise of affected computers...
Microsoft Office PICT Image Converter (CVE-2010-3946) Integer Overflow Vulnerability
Description Microsoft Office is prone to a remote integer-overflow vulnerability because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document that contains a specially...
Microsoft Internet Explorer Cross Domain CVE-2010-3330 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access content from a browser window in another domain or security zone. This may...
Oracle Java SE and Java for Business CVE-2010-3552 Remote New Java Plug-in Vulnerability
Description Oracle Java SE and Java for Business are prone to a remote vulnerability in the Java plug-in for Internet Explorer. An attacker can exploit this vulnerability by using a malicious webpage. Due to a buffer overflow, it is possible for an attacker to execute arbitrary code in the contex...
Microsoft Excel Out-of-Bounds Memory Write (CVE-2010-3241) Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows RPC Mutual Authentication Service Spoofing Vulnerability
Description Microsoft Windows is susceptible to a vulnerability in the RPC component, specifically when using the mutual authentication mechanism with the SSL Secure Socket Layer protocol. This issue is due to a flaw in the mutual authentication mechanism that can occur when it attempts to valida...
Oracle Java SE/Java SE Embedded CVE-2020-2583 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Serialization' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5,...
Oracle Java SE/Java SE Embedded CVE-2020-2601 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over 'Kerberos' protocol. This issue affects the 'Security' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5, 13.0....
Open-Xchange AppSuite Multiple Security Vulnerabilities
Description Open-Xchange AppSuite is prone to multiple security vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected application. This may let the attacker steal cookie-based authentication...
Linux kernel CVE-2019-19927 Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel 5.0.0-rc7 is vulnerable; other versions may also be affected. Technologies Affected Linux kernel 5.0.0-rc7 Recommendations Permit local...
D-Link DIR-859 Routers CVE-2019-20213 Information Disclosure Vulnerability
Description D-Link DIR-859 routers are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information and perform unauthorized actions. Versions prior to D-Link DIR-859 1.07b03beta are vulnerable. Technologies Affected D-Link DIR-859 1.05 D-Link...
Microsoft Windows GDI Component CVE-2019-1465 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Apple iOS/iPadOS/tvOS/watchOS/macOS CVE-2019-8830 Arbitrary Code Execution Vulnerability
Description Apple iOS, iPadOS, tvOS, watchOS and macOS are prone to an arbitrary code execution vulnerability. A remote attacker can leverage this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts may result in a denial-of-service conditio...
IBM Spectrum Scale CVE-2019-4665 Cross Site Scripting Vulnerability
Description IBM Spectrum Scale is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication...
Microsoft Windows Hyper-V CVE-2019-1470 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...
Adobe Stock CVE-2019-19595 Remote Code Execution Vulnerability
Description Adobe Stock is prone to remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected system. Technologies Affected Adobe Stock 4.8 PrestaShop PrestaShop 1.4 PrestaShop PrestaShop 1.6.0 Recommendations Deploy netwo...
Linux kernel CVE-2019-19449 Denial of Service Vulnerability
Description Linux kernel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Linux kernel 5.0.21 is vulnerable. Technologies Affected Linux kernel 5.0.21 Recommendations Permit local access for trusted individuals only. Where...
Joomla! Core Multiple SQL Injection and Information Disclosure Vulnerabilities
Description Joomla! Core is prone to an information-disclosure vulnerability and SQL-injection vulnerability. An attacker can exploit these issues to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database and gain access to sensitive...
Cisco Webex Teams for Windows CVE-2019-16001 DLL Loading Arbitrary Code Execution Vulnerability
Description Cisco Webex Teams for Windows is prone to a local arbitrary code-execution vulnerability. A local attacker can leverage this issue to execute arbitrary code. Failed exploit attempts will result in a denial of service condition. This issue is being tracked by Cisco Bug ID CSCvq87642...
Cisco Stealthwatch Enterprise CVE-2019-15994 Cross Site Scripting Vulnerability
Description Cisco Stealthwatch Enterprise is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. Th...
Multiple Symantec Products CVE-2019-12759 Local Privilege Escalation Vulnerability
Description Multiple Symantec Products are prone to an local privilege escalation vulnerability. A local attacker can leverage this issue to gain elevated privileges. The following products and versions are affected: Symantec Endpoint Protection Manager SEPM prior to versions 14.2 RU2 Symantec Ma...
Istio CVE-2019-18817 Remote Denial of Service Vulnerability
Description Istio is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the application to crash, denying service to legitimate users. Istio versions prior to 1.3.5 are vulnerable. Technologies Affected Istio Istio 1.3.0 Istio Istio 1.3.1 Istio Istio...
Microsoft Windows Hyper-V CVE-2019-0719 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10...
Microsoft ActiveX Installer Service CVE-2019-1382 Local Privilege Escalation Vulnerability
Description Microsoft ActiveX Installer Service is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based...
Microsoft Windows JET Database Engine CVE-2019-1406 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Trusted Platform Module CVE-2019-16863 Unspecified Security Vulnerability
Description Trusted Platform Module is prone to an unspecified security vulnerability. Successfully exploiting this issue will allow attackers to perform unauthorized actions; this may aid in launching further attacks. Technologies Affected STMicroelectronics Trusted Platform Module Trusted...
Fortinet FortiOS CVE-2019-15705 Denial of Service Vulnerability
Description Fortinet FortiOS is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. Technologies Affected Fortinet FortiOS 4.3.10 Fortinet FortiOS 4.3.12 Fortinet FortiOS 4.3.13 Fortinet FortiOS 4.3.14 Fortinet FortiOS 4.3.8 Fortinet...
Artifex Ghostscript CVE-2019-14869 Remote Privilege Escalation Vulnerability
Description Ghostscript is prone to a remote privilege-escalation vulnerability. A remote attacker can exploit this issue to gain elevated privileges and access arbitrary files or execute arbitrary commands on the affected system. Versions prior to Ghostscript 9.50 are vulnerable. Technologies...
Symantec SONAR Security Bypass
SUMMARY Symantec has released an update to address an issue that was discovered in the Symantec SONAR component. AFFECTED PRODUCTS Component: SONAR Engine --- CVE | Affected Versions | Remediation CVE-2019-12752 | Prior to 12.0.2 | Upgrade to 12.0.2 Note: Live updatable; no action required by...
D-Link DAP-1320 Wireless Range Extender CVE-2019-17505 Information Disclosure Vulnerability
Description D-Link DAP-1320 Wireless Range Extender is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information and perform unauthorized actions. D-Link DAP-1320 Rev A2 version 1.21 is vulnerable. Other versions may also be affected...
Oracle Java SE CVE-2019-2977 Remote Security Vulnerability
Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Hotspot' component. This vulnerability affects the following supported versions: Java SE: 11.0.4, 13 Technologies Affected Oracle Java SE...
GE Mark VIe Controller CVE-2019-13554 Authorization Bypass Vulnerability
Description GE Mark VIe Controller is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access to the affected system and obtain sensitive information. This may aid in further attacks. Technologies Affected Ge Mark VIe Controller Recommendations...
Cisco Prime Infrastructure CVE-2019-12713 Cross Site Scripting Vulnerability
Description Cisco Prime Infrastructure is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
OkayCMS CVE-2019-16885 Multiple Remote Code Execution Vulnerabilities
Description OkayCMS is prone to multiple remote code-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary code on the system. OkayCMS versions through 2.3.4 are vulnerable. Technologies Affected OkayCMS OkayCMS 1.0.0 OkayCMS OkayCMS 1.1.0 OkayCMS OkayCMS 1.2.0 OkayCM...
Microsoft Windows CVE-2019-1303 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit...
Microsoft Winlogon CVE-2019-1268 Local Privilege Escalation Vulnerability
Description Microsoft Winlogon is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems...
Docker CVE-2019-14271 Arbitrary Code Execution Vulnerability
Description Docker is prone to an arbitrary code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Technologies Affected Docker Docker 19.03.0 Docker Docker EE 17.06.2-ee-10 Docker Docker EE...
Microsoft Internet Explorer Scripting Engine CVE-2019-1133 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Internet...
Microsoft Windows JET Database Engine CVE-2019-1156 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows DHCP Server CVE-2019-1206 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code or cause the DHCP service to become nonresponsive. Technologies Affected Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows...
Microsoft Internet Explorer Scripting Engine CVE-2019-1194 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Internet...
Microsoft Windows JET Database Engine CVE-2019-1157 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows CVE-2019-1174 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based...
Multiple F5 BIG-IP Products CVE-2019-6647 Memory Leak Denial of Service Vulnerability
Description Multiple F5 BIG-IP Products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause excessive memory consumption; resulting in denial-of-service conditions. Technologies Affected F5 BIG-IP AAM 11.5.1 F5 BIG-IP AAM 11.6.4 F5 BIG-IP AAM 12.1.0 F5 BIG-...
Microsoft Exchange Server CVE-2019-0817 Spoofing Vulnerability
Description Microsoft Exchange Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Exchan...
Microsoft Windows LUAFV Driver CVE-2019-0730 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 1...