6867 matches found
Microsoft Internet Explorer CVE-2016-3213 WPAD Remote Privilege Escalation Vulnerability
Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 9, 10, and 11 are vulnerable. Technologies Affected Microsoft Internet...
Microsoft Windows Shell CVE-2016-0179 Remote Code Execution Vulnerability
Description Microsoft Windows Shell is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 for 32-b...
Microsoft Windows Journal CVE-2016-0182 Memory Corruption Vulnerability
Description Microsoft Windows is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
Microsoft Office CVE-2016-0126 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...
Microsoft Internet Explorer and Edge CVE-2016-0154 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently...
Microsoft Edge CVE-2016-0080 ASLR Security Bypass Vulnerability
Description Microsoft Edge is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Microsoft Edge Microsoft Windows 10 for 32-b...
Microsoft Internet Explorer and Edge CVE-2016-0062 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently...
Symantec Endpoint Encryption Client Memory Dump Information Disclosure
SUMMARY Symantecs Endpoint Encryption SEE Client is susceptible to information disclosure if a user with access to a system hosting a client is able to force a client memory dump and access the content of the memory dump. This could result in unauthorized exposure of such things as stored...
Microsoft Internet Explorer CVE-2015-6152 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2015-6150 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft VBScript and JScript CVE-2015-6135 Information Disclosure Vulnerability
Description Microsoft VBScript and JScript are prone to a remote information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. The following products are vulnerable: Internet Explorer 8, 9, 10, and 11 Microsoft...
Microsoft Office CVE-2015-6118 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected...
Microsoft Windows Kernel CVE-2015-6100 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems...
Microsoft Windows Kerberos CVE-2015-6095 Local Security Bypass Vulnerability
Description Microsoft Windows is prone to a local security-bypass vulnerability. A local attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based...
Microsoft Internet Explorer CVE-2015-6056 Scripting Engine Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can take advantage of this vulnerability to execute arbitrary code in the context of the...
Microsoft Windows Kernel Mode Driver CVE-2015-2517 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0 Avaya Meeting Exchange -...
Microsoft Skype for Business and Lync Server CVE-2015-2536 Cross Site Scripting Vulnerability
Description Microsoft Skype for Business and Lync Server are prone to a cross-site scripting vulnerability because they fail to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
Microsoft Internet Explorer CVE-2015-2444 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows OpenType Fonts CVE-2015-2461 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Window...
Microsoft Windows Shell Security Feature CVE-2015-2465 Local Security Bypass Vulnerability
Description Microsoft Windows is prone to a local security-bypass vulnerability. Local attackers can exploit this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Successful exploits may lead to other attacks...
Microsoft Windows Kernel KMD Security Feature CVE-2015-2454 Local Security Bypass Vulnerability
Description Microsoft Windows is prone to a local security-bypass vulnerability. Local attackers can exploit this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Successful exploits may lead to other attacks...
Microsoft Windows TrueType Fonts CVE-2015-2455 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...
Microsoft Internet Explorer CVE-2015-2398 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. An attacker can exploit this issue to execute arbitrary script code in the context of the user running the application. This may allow the attacker to obtain sensitive information that may aid in further...
Microsoft Internet Explorer CVE-2015-1753 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2015-1750 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2015-1706 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2015-1718 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2015-1657 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft VBScript CVE-2015-0032 Remote Code Execution Vulnerability
Description Microsoft VBScript is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...
Microsoft Windows Adobe Font Driver CVE-2015-0088 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Avaya...
Microsoft Exchange Server Outlook Web Access CVE-2015-1628 Cross Site Scripting Vulnerability
Description Microsoft Exchange Server is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow...
Microsoft Windows Adobe Font Driver CVE-2015-0092 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Avaya...
Microsoft Windows Kernel CVE-2015-0075 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges on the affected system. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.1.0 Avaya Meeting Exchange - Client...
Symantec Encryption Management Server Database Backup Command Line Injection and Email Header Inject
SUMMARY Symantec Encryption Management Server is susceptible to a shell command line injection when an authorized, but less privileged administrator, is submitting a request for a database backup. This could potentially result in the malicious administrator gaining privileged access on the server...
Microsoft Windows CVE-2015-0004 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Successful exploits will result in the complete compromise of affected computers. Technologies Affected Avaya Aura...
Microsoft Internet Explorer CVE-2014-6375 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Adobe Flash Player and AIR CVE-2014-0577 Type Confusion Remote Code Execution Vulnerability
Description Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions...
Microsoft Windows FAT32 Disk Partition Driver CVE-2014-4115 Local Privilege Escalation Vulnerability
Description Microsoft Windows FAT32 Disk Partition Driver is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Successful exploits will result in the complete compromise of affected computers...
Microsoft Internet Explorer CVE-2014-4133 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Adobe Reader and Acrobat CVE-2014-0565 Remote Code Execution Vulnerability
Description Adobe Reader and Acrobat are prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. The affected...
Microsoft Internet Explorer CVE-2014-2819 Remote Privilege Escalation Vulnerability
Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 7, 8, 9, 10, and 11 are vulnerable. Technologies Affected Microsoft...
Microsoft Internet Explorer CVE-2014-2826 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft Internet Explorer CVE-2014-2820 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft Internet Explorer CVE-2014-4067 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft Windows Journal File Processing CVE-2014-1824 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Avaya Au...
Microsoft Internet Explorer CVE-2014-1792 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft Windows Remote Desktop Protocol CVE-2014-0296 Security Bypass Vulnerability
Description Microsoft Windows Remote Desktop Protocol is prone to a security-bypass vulnerability. Successful exploits may allow an attacker to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Microsoft Windows...
Microsoft Office Chinese Grammar Checking Feature CVE-2014-1756 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Windows iSCSI Connections Handling CVE-2014-0256 Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to render the affected system unresponsive, resulting in a denial-of-service condition. Technologies Affected Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft...
Symantec LiveUpdate Administrator Unauthenticated/Unauthorized Account Access Modification and SQL i
SUMMARY The management GUI for Symantec LiveUpdate Administrator does not properly protect the forgotten password functionality of the web interface. An unauthorized individual with knowledge of the email address for an authorized LUA user can potentially force an arbitrary password reset leading...