Lucene search
K
SymantecMost viewed

6867 matches found

Symantec
Symantec
•added 2012/06/12 12:0 a.m.•36 views

Microsoft Internet Explorer CVE-2012-1880 'insertRow()' Method Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...

9.3CVSS7.1AI score0.24052EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•36 views

Microsoft Windows CVE-2012-1864 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS1.3AI score0.01577EPSS
Exploits0Affected Software4
Symantec
Symantec
•added 2012/05/17 8:0 a.m.•36 views

Symantec Web Gateway Multiple Security Issues

SUMMARY Symantecs Web Gateway management GUI is susceptible to file include command injection/execution, file upload/execution and file download/deletion security issues. The management GUI is also susceptible to cross-site scripting XSS. Successful exploitation could result in execution of...

10CVSS0.1AI score0.72596EPSS
Exploits28Affected Software1
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•36 views

Microsoft Excel CVE-2012-1847 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS0.25099EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2012/04/17 12:0 a.m.•36 views

Oracle JRockit CVE-2012-1695 Remote Security Vulnerability

Description Oracle JRockit is prone to a remote security vulnerability. The vulnerability can be exploited over the 'Multiple' protocol. This vulnerability affects the following supported versions: 28.2.2 and before: JDK/JRE 5 and 6 27.7.1 and before: JKD/JRE 5 and 6 Technologies Affected Oracle...

10CVSS1.2AI score0.03819EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2012/04/10 12:0 a.m.•36 views

Microsoft Internet Explorer CVE-2012-0169 JScript9 Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencin...

9.3CVSS0.30421EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2012/01/16 8:0 a.m.•36 views

Symantec Endpoint Protection Manager Cross-Site Request Forgery and Cross-Site Scripting

SUMMARY Symantec Endpoint Protection Manager 12.1 web console is susceptible to cross-site scripting and cross-site request forgery that could potentially lead to arbitrary code execution. AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|--- Symantec Endpoint Protection | 12.1 ...

6.8CVSS0.2AI score0.01328EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2011/09/13 12:0 a.m.•36 views

Microsoft SharePoint Calendar CVE-2011-0653 Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

4.3CVSS6.2AI score0.16912EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•36 views

Microsoft Windows NDISTAPI CVE-2011-1974 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS0.3AI score0.06983EPSS
Exploits4Affected Software1
Symantec
Symantec
•added 2011/07/27 12:0 a.m.•36 views

Drupal Core CVE-2011-2726 Access Bypass Vulnerability

Description Drupal is prone to an access-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. Drupal 7.0 through 7.4 are vulnerable. Technologies Affected Drupal Drupal 7.0 Drupal Drupal 7.1 Drupal...

1.9AI score0.01598EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2011/07/12 12:0 a.m.•36 views

Microsoft Windows CSRSS 'AllocConsole()' Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS0.1AI score0.02116EPSS
Exploits1References2Affected Software14
Symantec
Symantec
•added 2011/07/12 12:0 a.m.•36 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1878) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01405EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•36 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1228) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01398EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•36 views

Microsoft Windows OpenType Font (OTF) Format Driver CVE-2010-2741 Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers may exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts...

7.2CVSS0.01792EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•36 views

Microsoft Windows OpenType Font (OTF) Format Driver CVE-2010-2740 Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers may exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts...

7.2CVSS0.01807EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•36 views

Microsoft Word (CVE-2010-3220) Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS0.7AI score0.19751EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•36 views

Microsoft Internet Explorer Uninitialized Memory CVE-2010-3328 Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

9.3CVSS8.8AI score0.31932EPSS
Exploits1Affected Software5
Symantec
Symantec
•added 2009/09/22 8:0 a.m.•36 views

Symantec Altiris Deployment Solution and Notification Server Management Console FileDownload Vulnera

SUMMARY Symantecs Altiris Deployment Solution and Notification Server install a vulnerable ActiveX control. Exploitation of this issue could possibly lead to unauthorized information disclosure, system information corruption or potentially allow arbitrary code execution in the context of the user...

6.8CVSS0.2AI score0.42598EPSS
Exploits5Affected Software1
Symantec
Symantec
•added 2009/08/26 8:0 a.m.•36 views

Symantec Altiris Deployment Solution Multiple Vulnerabilities

SUMMARY Symantecs Altiris Deployment Solution contains vulnerabilities that could potentially be leveraged for unauthorized file access or a denial of service on a client system, authentication bypass on the Server to local system-level access on a client system. AFFECTED PRODUCTS Product | Versi...

9.3CVSS0.7AI score0.03763EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2009/08/25 8:0 a.m.•36 views

Symantec Products Autonomy KeyView Module Vulnerability

SUMMARY Symantec products that ship a third-party Autonomy KeyView module have updated the module to address a vulnerability in the processing of Excel spreadsheets reported against the KeyView module. AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|--- Symantec Mail Security...

9.3CVSS0.05718EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2009/02/10 12:0 a.m.•36 views

Microsoft Exchange Server EMSMDB2 MAPI Command Remote Denial of Service Vulnerability

Description Microsoft Exchange Server is prone to a remote denial-of-service vulnerability. A successful exploit allows a remote attacker to cause the application to stop responding, denying service to legitimate users. Technologies Affected Avaya Messaging Application Server Avaya Messaging...

0.2AI score
Exploits0References2Affected Software3
Symantec
Symantec
•added 2007/10/09 12:0 a.m.•36 views

Microsoft Internet Explorer Script Error Handling Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. An attacker may exploit this issue by enticing victims into viewing maliciously crafted HTML content. Successfully exploiting this issue allows arbitrary machine code to execute in the context of the affect...

Exploits0Affected Software5
Symantec
Symantec
•added 2007/06/12 12:0 a.m.•36 views

Microsoft Outlook Express Content Disposition Parsing Information Disclosure Vulnerability

Description Outlook Express is prone to a cross-domain information-disclosure vulnerability. This vulnerability may let a malicious website access properties of a site in an arbitrary external domain in the context of the victim's browser. Attackers could exploit this issue to access sensitive...

0.5AI score
Exploits0References2Affected Software1
Symantec
Symantec
•added 2004/04/13 12:0 a.m.•36 views

Microsoft Windows Local Descriptor Table Local Privilege Escalation Vulnerability

Description Microsoft Windows Local Descriptor Table programming interface is prone to a privilege-escalation vulnerability. A local attacker may be able to create a malicious entry in the Local Descriptor Table. This entry may point into protected memory. Since this memory space is reserved for...

1AI score
Exploits0References2Affected Software5
Symantec
Symantec
•added 2004/02/10 12:0 a.m.•36 views

Microsoft Windows ASN.1 Library Bit String Processing Integer Handling Vulnerability

Description Microsoft ASN.1 handling library has been reported prone to an integer overflow vulnerability that may result in arbitrary heap-based memory corruption. The issue presents itself in the ASN.1 BER decoding/encoding routines. Exploitation of this issue will result in the corruption of...

8.1AI score
Exploits0References3Affected Software15
Symantec
Symantec
•added 2003/10/25 12:0 a.m.•36 views

Atrium Software Mercur Mailserver POP3 AUTH Remote Buffer Overflow Vulnerability

Description A problem has been reported in MERCUR Mailserver when handling the POP3 AUTH command. This problem may make it possible for an attacker crash the service on a vulnerable system, or gain unauthorized access. Technologies Affected Atrium Software MERCUR Mailserver 3.3.0 Atrium Software...

1.3AI score
Exploits0References2Affected Software1
Symantec
Symantec
•added 2020/04/09 9:15 p.m.•35 views

CSRF Token Information Disclosure in MC

Summary The Management Center MC web UI is susceptible to a CSRF token disclosure vulnerability. A remote attacker, who has access to an authenticated MC user's web browser history or a network device that intercepts/logs traffic to MC, can obtain CSRF tokens and use them to perform CSRF attacks...

4.3CVSS0.9AI score0.00705EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2020/01/14 12:0 a.m.•35 views

Microsoft Windows Search Indexer CVE-2020-0630 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

1.4AI score0.00749EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2020/01/08 12:0 a.m.•35 views

Juniper Junos CVE-2020-1600 Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause the device to consume excessive CPU resources, denying service to legitimate users. Technologies Affected Juniper Junos 12.3X48 Juniper Junos 12.3X48-D10 Juniper Junos 12.3X48-D15...

0.5AI score0.01196EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2020/01/08 12:0 a.m.•35 views

Cisco Unified Customer Voice Portal CVE-2019-16017 Denial of Service Vulnerability

Description Cisco Unified Customer Voice Portal is prone to a remote denial-of-service vulnerability. Successfully exploiting this issue allows remote attackers to cause denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCvp72741. Technologies Affected Cisco Unified...

1.2AI score0.00934EPSS
Exploits0References1
Symantec
Symantec
•added 2019/12/18 12:0 a.m.•35 views

Rack CVE-2019-16782 Information Disclosure Vulnerability

Description Rack is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Rack Project Rack 0.1 Rack Project Rack 0.2 Rack Project Rack 0.3 Rack Project Rack 0.4 Rack Project Rack...

0.6AI score0.03687EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•35 views

Microsoft Visual Studio CVE-2019-1486 Spoofing Vulnerability

Description Microsoft Visual Studio is prone to an security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Visual...

0.2AI score0.01482EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•35 views

Microsoft Excel CVE-2019-1464 Information Disclosure Vulnerability

Description Microsoft Excel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Excel 2010 SP2 32-bit editions Microsoft Excel 2010 SP2 64-bit editions Microsoft Exce...

0.08123EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/12/03 12:0 a.m.•35 views

Redhat KeyCloak CVE-2019-14909 Authentication Bypass Vulnerability

Description Redhat KeyCloak is prone to an authentication-bypass vulnerability. Remote attackers can exploit this issue to bypass the authentication mechanism and gain unauthorized access. Technologies Affected Redhat keycloak 7.0.0 Redhat keycloak 7.0.1.Final Recommendations Block external acces...

2AI score0.01076EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/11/20 12:0 a.m.•35 views

McAfee Client Proxy CVE-2019-3654 Local Authentication Bypass Vulnerability

Description McAfee Client Proxy is prone to a local authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism. This may aid in further attacks. McAfee Client Proxy MCP versions prior to 3.0.0 are vulnerable. Technologies Affected McAfee Client...

2.1AI score0.00665EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/11/18 12:0 a.m.•35 views

Moodle CVE-2019-14880 Security Bypass Vulnerability

Description Moodle is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Versions prior to Moodle 3.5.9, 3.6.7 and 3.7.3 are vulnerable. Technologies Affected Moodle...

7.2AI score0.01079EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/11/18 12:0 a.m.•35 views

Moodle CVE-2019-14883 Remote Security Vulnerability

Description Moodle is prone to a remote security vulnerability. An attacker can leverage this issue to perform unauthorized actions. This may aid in further attacks. Moodle 3.7 through 3.7.2 and 3.6 through 3.6.6 versions are vulnerable. Technologies Affected Moodle Moodle 3.6 Moodle Moodle 3.6.1...

5.2AI score0.01068EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/11/18 12:0 a.m.•35 views

Moodle CVE-2019-14882 Open Redirection Vulnerability

Description Moodle is prone to an open-redirection vulnerability because it fails to properly sanitize user-supplied input. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to a...

0.5AI score0.0108EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/11/17 12:0 a.m.•35 views

Apache Atlas CVE-2019-10070 HTML Injection Vulnerability

Description Apache Atlas is prone to an HTML injection vulnerability because it fails to sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based...

0.5AI score0.01787EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/11/15 12:0 a.m.•35 views

Multiple F5 BIG-IP Products CVE-2019-6664 Remote Security Vulnerability

Description Multiple F5 BIG-IP Products are prone to a remote security vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected F5 BIG-IP AAM 14.1.0 F5 BIG-IP AAM 15.0.0 F5 BIG-IP AF...

5CVSS0.2AI score0.00872EPSS
Exploits0References1Affected Software13
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•35 views

SAP BusinessObjects BI Platform CVE-2019-0396 XML External Entity Injection Vulnerability

Description SAP BusinessObjects Business Intelligence Platform is prone to an XML External Entity injection vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service condition. SAP BusinessObjects Business Intelligence Platform versions 4.1...

0.1AI score0.00897EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•35 views

Microsoft Windows Data Sharing Service CVE-2019-1379 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft...

3.4AI score0.00713EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•35 views

SAP Enable Now CVE-2019-0385 Unspecified Cross Site Scripting Vulnerability

Description SAP Enable Now is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...

0.8AI score0.00526EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•35 views

Microsoft Visual Studio CVE-2019-1425 Remote Privilege Escalation Vulnerability

Description Microsoft Visual Studio is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Visual Studio 2017 15.9 Microsoft Visual Studio 2019 16.0 Microsoft Visual Studio 2019 16.3 Recommendations...

0.1AI score0.03116EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/11/05 12:0 a.m.•35 views

Linux Kernel CVE-2019-18786 Information Disclosure Vulnerability

Description Linux kernel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Linux kernel versions through 5.3.8 are vulnerable. Technologies Affected Linux kernel 2.0.0 Linux kernel 2.0.1...

2.1CVSS1.2AI score0.00347EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/10/31 12:0 a.m.•35 views

Xen CVE-2019-18421 Privilege Escalation Vulnerability

Description Xen is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges, obtain sensitive information or cause denial-of-service conditions. Technologies Affected Citrix Hypervisor 8.0 Citrix XenServer 7.0 Citrix XenServer 7.1 LTSR CU2 Citr...

0.1AI score0.01679EPSS
Exploits0References1Affected Software3
Symantec
Symantec
•added 2019/10/31 12:0 a.m.•35 views

Xen CVE-2019-18423 Denial of Service Vulnerability

Description Xen is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash hypervisor, denying service to legitimate users. Xen version 4.8 and later are vulnerable. Technologies Affected Xen Xen 4.10 Xen Xen 4.10.0 Xen Xen 4.10.1 Xen Xen 4.10.2 Xen Xen 4.11.0 Xen...

1.4AI score0.02059EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/24 12:0 a.m.•35 views

IBM Security Guardium Big Data Intelligence CVE-2019-4311 Information Disclosure Vulnerability

Description IBM Security Guardium Big Data Intelligence is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Security Guardium Big Data Intelligence 4.0 is vulnerable; other versions may also be...

1.7AI score0.01245EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/10/23 12:0 a.m.•35 views

Cisco TelePresence Advanced Media Gateway CVE-2019-15966 Denial of Service Vulnerability

Description Cisco TelePresence Advanced Media Gateway is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCvr69362. Technologies Affected Cisco TelePresence Advanced Media...

2.1AI score0.01154EPSS
Exploits0References3
Symantec
Symantec
•added 2019/10/23 12:0 a.m.•35 views

CODESYS ENI Server CVE-2019-16265 Stack Buffer Overflow Vulnerability

Description CODESYS ENI Server is prone to a stack-based buffer-overflow vulnerability. Exploiting this issue may allow remote attackers to execute arbitrary code within the context of the affected application. Failed attacks will cause denial-of-service conditions. CODESYS ENI Server versions...

7.5CVSS0.4AI score0.01636EPSS
Exploits0References1Affected Software2
Total number of security vulnerabilities5000