6867 matches found
Microsoft Office CVE-2019-1109 Spoofing Vulnerability
Description Microsoft Office is prone to a spoofing vulnerability. Attackers can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2013 Service Pack 1...
Microsoft Edge Chakra Scripting Engine CVE-2018-8511 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft SharePoint Server CVE-2018-8480 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsof...
Microsoft ChakraCore Scripting Engine CVE-2018-8473 Remote Memory Corruption Vulnerability
Description Microsoft ChakraCore Scripting Engine is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsof...
Oracle Java SE CVE-2020-2585 Remote Security Vulnerability
Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'JavaFX' component. This vulnerability affects the following supported versions: Java SE: 8u241 Technologies Affected Oracle JDKLinux Producti...
Mozilla Network Security Services CVE-2019-17006 Heap Buffer Overflow Vulnerability
Description Mozilla Network Security Services NSS is prone to a heap-based buffer-overflow vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Mozilla...
Microsoft SharePoint Server CVE-2019-0594 Remote Code Execution Vulnerability
Description Microsoft SharePoint Server is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft SharePoint Enterprise Server 2016...
Adobe Acrobat and Reader CVE-2012-2049 Remote Buffer Overflow Vulnerability
Description Adobe Acrobat and Reader are prone to a remote stack-based buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions...
Microsoft Edge Chakra Scripting Engine CVE-2018-8503 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows Media Player CVE-2018-8482 Information Disclosure Vulnerability
Description Microsoft Windows Media Player is prone to a information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 1...
Microsoft Edge CVE-2018-8530 Security Bypass Vulnerability
Description Microsoft Edge is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. This may lead to other attacks. Technologies Affected Microsoft Edge Recommendations Run all...
Microsoft Windows DirectX Graphics Kernel CVE-2018-8484 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to run processes with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Syste...
Microsoft Edge CVE-2018-8509 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Edge Recommendations...
Microsoft Windows HTTP Protocol Stack CVE-2015-1635 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the system account. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Avaya Meeting...
Microsoft SQL Server Management Studio CVE-2018-8532 Information Disclosure Vulnerability
Description Microsoft SQL Server Management Studio is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SQL Server Management Studio 17.9 Microsoft SQL Server...
Microsoft Windows Hyper-V CVE-2018-8489 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the host operating system. Failed exploit attempts will result in a denial of service condition. Technologies Affected Microsoft Hyper-V...
Microsoft SQL Server Management Studio CVE-2018-8527 Information Disclosure Vulnerability
Description Microsoft SQL Server Management Studio is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SQL Server Management Studio 17.9 Microsoft SQL Server...
Nginx Vulnerabilities Jul 2017 - Oct 2019
Summary Symantec SWG products using affected versions of Nginx may be susceptible to multiple Nginx vulnerabilities. A remote attacker can use crafted requests to obtain sensitive information or cause denial of service. An attacker can also obtain sensitive information or cause denial of service ...
Microsoft Office SharePoint CVE-2019-1033 Cross Site Scripting Vulnerability
Description Microsoft Office SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
Microsoft SQL Server CVE-2017-8516 Information Disclosure Vulnerability
Description Microsoft SQL Server is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SQL Server 2012 for 32-bit Systems Service Pack 3 Microsoft SQL Server 2012 fo...
phpMyAdmin CVE-2020-5504 SQL Injection Vulnerability
...
Embedthis GoAhead Web Server CVE-2019-5096 Remote Code Execution Vulnerability
Description Embedthis GoAhead Web Server is prone to a remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the application. Failed exploit attempts will likely cause a denial-of-service condition. Embedthis GoAhead Web Server...
Elasticsearch CVE-2019-7619 Information Disclosure Vulnerability
Description Elasticsearch is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. Versions prior to Elasticsearch 7.4.0 or 6.8.4 are vulnerable. Technologies Affected Elasticsearch...
Microsoft Windows Search CVE-2017-8589 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Microsoft Windows Security Feature CVE-2019-1019 Remote Security Bypass Vulnerability
Description Microsoft Windows is prone to a remote security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit System...
Microsoft SharePoint Server CVE-2018-8518 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsof...
Apple iOS APPLE-SA-2015-09-16-1 Multiple Security Vulnerabilities
Description Apple iOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial-of-service condition, perform unauthorized actions and gain system privileges; this may aid...
Microsoft Edge CVE-2017-0002 Remote Privilege Escalation Vulnerability
Description Microsoft Edge is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Edge Recommendations Block external access at the network boundary, unless external parties require service. Filter...
Microsoft IIS File Change Notification Local Privilege Escalation Vulnerability
Description Microsoft Internet Information Service IIS is prone to a local privilege-escalation vulnerability that occurs when handling file change notifications. A local attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue wil...
Microsoft Internet Explorer CVE-2018-8373 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context...
Microsoft Windows CryptoAPI CVE-2020-0601 Spoofing Vulnerability
Description Microsoft Windows is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Windows 10...
OpenSSH Vulnerabilities Jan-Aug 2018
SUMMARY Symantec Network Protection products using affected versions of OpenSSH are susceptible to several vulnerabilities. A remote attacker, with access to the management interface, can obtain usernames for valid SSH users and cause denial of service through application crashes. AFFECTED PRODUC...
Oracle Java SE CVE-2013-2465 Memory Corruption Vulnerability
Description Oracle Java SE is prone to a memory-corruption vulnerability in Java Runtime Environment. Attackers can exploit this issue to execute arbitrary code within the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions...
Microsoft Windows ALPC CVE-2019-0943 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code in the security context of the local system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows CVE-2017-11829 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to overwrite files with elevated privileges in the context of the affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft...
Oracle Java SE/Java SE Embedded CVE-2020-2659 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Networking' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231; Java SE...
Microsoft Internet Explorer CVE-2019-0541 Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Faile...
Linux Kernel CVE-2018-5391 Remote Denial of Service Vulnerability
Description Linux Kernel is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Arista Extendible Operating System EOS 4.20.0F Arista Extendible Operating System EOS 4.20.1F Arista Extendible Operating...
FasterXML Jackson-databind CVE-2019-16943 Remote Code Execution Vulnerability
Description FasterXML Jackson-databind is prone to a remote-code execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. FasterXML jackson-databi...
Microsoft Windows Shell CVE-2018-8414 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsof...
Multiple Linux Distributions CVE-2019-14899 Security Bypass Vulnerability
Description Multiple Linux Distributions are prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Apple iOS Apple macOS Archlinux Linux 2019.05...
Microsoft Windows Installer CVE-2019-0973 DLL Loading Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...
Microsoft Windows Common Log File System CVE-2019-0984 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based...
Microsoft Windows Graphics CVE-2016-7182 Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the kernel privileges. Technologies Affected Microsoft Live Meeting 2007 Console Microsoft Lync 2010 32-bit Microsoft Lync 2010...
Honeywell equIP/Performance Series IP Cameras/Recorders Authentication Bypass Vulnerability
Description Honeywell Tuxedo Touch Controller is prone to a remote authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may aid in further attacks. Technologies Affected Honeywell BD3PR1 Honeywell...
Microsoft Windows 'HTTP.sys' CVE-2019-9512 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected system to become unresponsive, resulting in a denial-of-service condition. Technologies Affected Apple SwiftNIO HTTP/2 1.0.0 Apple SwiftNIO HTTP/2 1.1.0 App...
Oracle Java Runtime Environment CVE-2013-2423 Security Bypass Vulnerability
Description Oracle Java Runtime Environment is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass sandbox protection and perform unauthorized actions in the context of the application. This vulnerability affects the following supported versions: 7 Update 17 and...
Apache HTTP Server Vulnerabilities Jan 2019 - Apr 2020
Summary Symantec Web Security Group WSG products using affected versions of Apache HTTP Server may be susceptible to multiple vulnerabilities. A remote attacker can bypass security controls, modify the behavior of HTTP Server configuration, obtain information from the server process memory, perfo...
Microsoft Windows CVE-2019-0936 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1607 for...
Microsoft Visual Studio CVE-2019-0537 Information Disclosure Vulnerability
Description Microsoft Visual Studio is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Visual Studio 2010 SP1 Microsoft Visual Studio 2012 Update 5 Recommendations R...