6867 matches found
Microsoft Windows Kernel CVE-2015-6102 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems...
Microsoft Internet Explorer CVE-2015-2483 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successful exploits will allow attackers to obtain sensitive information that may aid in further...
Microsoft Office CVE-2015-2466 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-2365 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya CallPilot 5.0....
Symantec Data Loss Prevention Enforce Server Administration Console Cross-site Scripting, Cross-site
SUMMARY Symantec's Data Loss Prevention DLP Management Console is potentially susceptible to persistent cross-site scripting XSS issues and a possible cross-site request forgery CSRF in the Enforce Server administration console. Successful exploitation could result in potential unauthorized actio...
Microsoft Internet Explorer CVE-2015-1735 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-1768 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges within the context of another user. Technologies Affected Microsoft Windows Server 2003 Itanium SP2 Microsoft Windows...
Microsoft Office CVE-2015-1760 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...
Microsoft Internet Explorer CVE-2015-1717 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft .NET Framework CVE-2015-1648 Information Disclosure Vulnerability
Description The Microsoft .NET Framework is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...
Microsoft Office CVE-2015-1651 Use After Free Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...
Adobe Flash Player CVE-2015-0339 Unspecified Memory Corruption Vulnerability
Description Adobe Flash Player is prone to an unspecified memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions...
Microsoft Exchange Server CVE-2015-1632 Cross Site Scripting Vulnerability
Description Microsoft Exchange Server is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow...
Microsoft Windows 'Win32k.sys' CVE-2015-0059 Remote Code Execution Vulnerability
Description Microsoft Windows kernel is prone to a remote code-execution vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into opening a specially malformed TrueType font. Successful exploits can allow attackers to execute arbitrary code with kernel-level...
Adobe Flash Player CVE-2015-0310 Unspecified Memory Corruption Vulnerability
Description Adobe Flash Player is prone to an unspecified memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions...
Microsoft Windows Kernel 'mrxdav.sys' CVE-2015-0011 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to bypass impersonation security levels and gain elevated privileges on the affected system. Technologies Affected Avaya Aura Conferencing Standard Edition 6.0 Avaya...
Adobe Reader and Acrobat CVE-2014-8448 Information Disclosure Vulnerability
Description Adobe Reader and Acrobat are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Technologies Affected Adobe Acrobat 10.0 Adobe Acrobat 10.0.1 Adobe Acrobat 10.0.2 Adobe Acrobat...
Microsoft Internet Explorer CVE-2014-6337 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft SharePoint Server CVE-2014-4116 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges in the context of the currently logged-in user. Successful exploits may aid in further attacks. Technologies...
Microsoft .NET Framework CVE-2014-4122 ASLR Security Bypass Vulnerability
Description Microsoft .NET Framework is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilo...
Microsoft SQL Server Master Data Services CVE-2014-1820 Cross Site Scripting Vulnerability
Description Microsoft SQL Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. Technologie...
Microsoft Internet Explorer CVE-2014-4055 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft Word File Converting CVE-2014-1757 Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Windows Kernel 'Win32k.sys' CVE-2014-0262 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with escalated privileges. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura Conferenci...
Microsoft Windows Common Control Library CVE-2013-3195 Remote Code Execution Vulnerability
Description Microsoft Windows Common Control Library 'Comctl32.dll' is prone to a remote code-execution vulnerability. Successful exploits will allow the attacker to execute arbitrary code in the context of the affected application, which can compromise the application, and possibly, the computer...
Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3879 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...
Microsoft Word CVE-2013-3858 Remote Memory Corruption Vulnerability
Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Excel CVE-2013-1315 Memory Corruption Vulnerability
Description Microsoft Excel is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Excel 2003 SP3 Microsoft...
Microsoft Windows Uniscribe Font Parsing CVE-2013-3181 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability when handling crafted font data. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file or webpage. A successful exploit may allow arbitrary code to run in the context of the...
Symantec Security Information Manager Console Security Issues
SUMMARY Symantec's Security Information Manager SSIM management console is susceptible to multiple security issues. Successful exploitation could result in potential cookie stealing, session hijacking, unauthorized disclosure of sensitive application information and potential for unauthorized...
Microsoft Internet Explorer Shift JIS Character CVE-2013-0015 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Internet Explorer 6, 7, 8, and 9 are vulnerable. Technologies Affected Avaya Aura Conferencing 6.0 Avaya...
Microsoft Windows OpenType Font (OTF) Driver CVE-2012-2556 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will result in the execution of arbitrary code in the kernel-mode. Failed attempts will cause a denial-of-service condition. Technologies Affected Microsoft Windows 7 for 32-bit Systems Microsoft...
Microsoft .NET Framework CVE-2012-4776 Remote Code Execution Vulnerability
Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts will likely result in a denial-of-service condition. Technologies...
Microsoft Windows CVE-2012-1890 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...
Microsoft Windows CVE-2012-1893 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...
Microsoft Internet Explorer And Microsoft Lync HTML Sanitizing Information Disclosure Vulnerability
Description Microsoft Internet Explorer and Microsoft Lync are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Groove Server 2010 Microsoft Groove Server 2010 SP1...
Microsoft Word CVE-2012-0183 RTF Data Handling Remote Memory Corruption Vulnerability
Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft GDI+ CVE-2012-0165 EMF Image Processing Remote Code Execution Vulnerability
Description Microsoft GDI+ is prone to a remote code-execution vulnerability that occurs when an application using the library tries to process a specially crafted Enhanced Metafile EMF image. An attacker can exploit this issue to execute arbitrary code with the privileges of the currently...
Microsoft Remote Desktop Web Access CVE-2011-1263 Cross Site Scripting Vulnerability
Description Microsoft Remote Desktop Web Access is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1237) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0672) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...
Microsoft Windows CSRSS (CVE-2011-0030) Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to retain certain processes that may aid in attacks against subsequent users. Successfully exploiting this issue may aid in the complete compromise of affected computers...
Microsoft Excel Out-of-Bounds Memory Write (CVE-2010-3241) Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Internet Explorer Cross Domain CVE-2010-3330 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access content from a browser window in another domain or security zone. This may...
Oracle Java SE and Java for Business CVE-2010-3552 Remote New Java Plug-in Vulnerability
Description Oracle Java SE and Java for Business are prone to a remote vulnerability in the Java plug-in for Internet Explorer. An attacker can exploit this vulnerability by using a malicious webpage. Due to a buffer overflow, it is possible for an attacker to execute arbitrary code in the contex...
Adobe Flash Player, Reader, and Acrobat 'authplay.dll' Remote Code Execution Vulnerability
Description Adobe Flash Player, Reader, and Acrobat are prone to a remote code execution vulnerability. Adobe reports that this vulnerability is being exploited in the wild. This vulnerability is present in the following versions: Flash Player 10.0.45.2, 9.0.262, and earlier Flash Player 10.0.x a...
Microsoft Windows Vector Markup Language Buffer Overrun Vulnerability
Description Microsoft Windows is prone to a buffer-overrun vulnerability that arises because of an error in the processing of Vector Markup Language documents. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Technologies Affected Avaya...
Oracle Java SE/Java SE Embedded CVE-2020-2583 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Serialization' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5,...
Microsoft Windows Search Indexer CVE-2020-0613 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...
Oracle Java SE/Java SE Embedded CVE-2020-2601 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over 'Kerberos' protocol. This issue affects the 'Security' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5, 13.0....