6867 matches found
Microsoft Windows CVE-2019-0936 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1607 for...
Microsoft Visual Studio CVE-2019-0537 Information Disclosure Vulnerability
Description Microsoft Visual Studio is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Visual Studio 2010 SP1 Microsoft Visual Studio 2012 Update 5 Recommendations R...
Oracle Coherence CVE-2020-2555 Multiple Remote Security Vulnerabilities
Description Oracle Coherence is prone to multiple remote security vulnerabilities. The vulnerability can be exploited over the 'T3' protocol. The 'Caching', 'CacheStore' and 'Invocation' components are affected. This vulnerability affects the following supported versions: 12.1.3.0.0, 12.2.1.3.0 a...
Oracle Java SE/Java SE Embedded CVE-2019-2989 Remote Security Vulnerability
Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over Multiple protocols. This issue affects the 'Networking' component. This vulnerability affects the following supported versions: Java SE: 7u231, 8u221, 11.0.4, 13;...
Microsoft Internet Explorer Scripting Engine CVE-2019-0920 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Internet...
Microsoft Windows CVE-2019-1025 Local Denial of Service Vulnerability
Description Microsoft Windows is prone to a local denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versio...
OpenSSL Vulnerabilities Sep 2020 - Feb 2021
Summary Symantec Network and Information Security NIS products using affected versions of OpenSSL may be susceptible to multiple vulnerabilities. A remote attacker may be able to decrypt encrypted communication from an SSL/TLS connection, downgrade a newly established SSL/TLS connection to SSLv2,...
Microsoft Windows Speech API CVE-2019-0985 Remote Code Execution Vulnerability
Description Microsoft Windows Speech API is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems...
Microsoft Internet Explorer and Edge CVE-2019-1081 Information Disclosure Vulnerability
Description Microsoft Internet Explorer and Edge are prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Edge Microsoft Internet Explorer 10 Microsoft Internet...
Microsoft Windows CVE-2019-1039 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Windows GDI Component CVE-2019-1011 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems...
Microsoft Internet Explorer and Edge CVE-2015-2542 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently...
NixOS Nix CVE-2019-17365 Local Privilege Escalation Vulnerability
Description NixOS Nix is prone to a local privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Nix versions through 2.3 are vulnerable. Technologies Affected NixOS Nix 1.0 NixOS Nix 1.5 NixOS Nix 1.9...
Microsoft Windows JET Database Engine CVE-2019-0906 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows Uniscribe CVE-2016-7274 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file or webpage. A successful exploit may allow arbitrary code to run in the context of the currently logged-in user. Failed...
Microsoft Windows Kernel CVE-2016-0075 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...
Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability
Description Oracle Java SE is prone to a remote code-execution vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'Scripting' sub-component. This vulnerability affects the following supported versions: JDK and JRE 7, 6...
Microsoft Windows Remote Desktop Protocol CVE-2020-0610 Remote Code Execution Vulnerability
Description Microsoft Windows Remote Desktop Protocol is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies...
Oracle Database Server CVE-2020-2510 Remote Security Vulnerability
Description Oracle Database Server is prone to a remote security vulnerability. The vulnerability can be exploited over the 'OracleNet' protocol. The 'Core RDBMS' component is affected. This vulnerability affects the following supported versions: 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c...
Microsoft ActiveX Data Objects CVE-2019-0888 Remote Code Execution Vulnerability
Description Microsoft ActiveX Data Objects is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for...
Microsoft Office CVE-2019-0540 Security Bypass Vulnerability
Description Microsoft Office is prone to a security bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions; this may aid in launching further attacks. Technologies Affected Microsoft Excel Viewer Microsoft Office 2010 Service Pack 2 32-bit editions...
Microsoft Internet Explorer and Edge CVE-2018-8288 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to an remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Successfully exploiting this issue allows remote attackers to execute arbitrary code in...
PHP 'php-cgi' Information Disclosure Vulnerability
Description PHP is prone to an information-disclosure vulnerability. Exploiting this issue allows remote attackers to view the source code of files in the context of the server process. This may allow the attacker to obtain sensitive information and to run arbitrary PHP code on the affected...
Authentication Bypass in ASG and ProxySG
Summary The Symantec Advanced Secure Gateway ASG and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance...
WordPress Prior to 5.3.1 Multiple Security Vulnerabilities
Description WordPress is prone to multiple security vulnerabilities. An attacker may leverage these issues to bypass certain security restrictions and perform unauthorized actions or execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
Microsoft Office CVE-2015-2523 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...
Microsoft Remote Desktop Protocol Service CVE-2012-0152 Denial of Service Vulnerability
Description Microsoft Remote Desktop Protocol is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the target service to stop responding, denying service to legitimate users. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura...
Apache Tomcat Vulnerabilities Oct 2018 – Feb 2020
Summary Symantec SWG products using affected versions of Apache Tomcat may be susceptible to multiple vulnerabilities. A remote attacker can execute arbitrary code on the target host, hijack an authenticated Tomcat user's session, redirect a Tomcat user to an arbitrary URL, execute arbitrary...
Microsoft .NET Core CVE-2020-0605 Remote Code Execution Vulnerability
Description Microsoft .NET Core is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
Microsoft Windows Event Viewer CVE-2019-0948 Information Disclosure Vulnerability
Description Microsoft Windows Event Viewer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows ...
Microsoft Windows SMB Server CVE-2017-11780 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Microsoft Office CVE-2017-0281 Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Windows CVE-2019-1045 Network File System Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1709 for...
Microsoft Windows Win32k CVE-2019-1017 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
SA112 : Linux Kernel Keyring Privilege Escalation
SUMMARY Blue Coat products that include affected versions of the Linux kernel and provide means for executing arbitrary code are susceptible to a privilege escalation vulnerability. A malicious local unprivileged user can exploit this vulnerability to escalate their privileges on the system or...
Microsoft Windows Shell CVE-2019-1053 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1607 for...
Microsoft Skype for Business CVE-2017-11786 Privilege Escalation Vulnerability
Description Microsoft Skype for Business is prone to a privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Lync 2013 32-bit SP1 Microsoft Lync 2013 64-bit SP1 Microsoft Skype for Business 2016 32-bit Microsoft Skype for...
Microsoft Windows Secondary Logon CVE-2016-0099 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with administrative privileges and perform unauthorized actions. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows ...
Multiple Intel Processors CVE-2018-12207 Denial of Service Vulnerability
Description Multiple Intel Processors are prone to a denial of service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Citrix Hypervisor 8.0 Citrix XenServer 7.0 Citrix XenServer 7.1 LTSR CU2 Citrix XenServer 7.6 Intel 2nd generation...
Microsoft Windows Audio Service CVE-2019-1027 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit...
Microsoft Internet Explorer Scripting Engine CVE-2019-1005 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Internet...
Microsoft Windows Win32k CVE-2019-0808 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 7 for 32-bit...
XML-RPC for PHP Remote Code Injection Vulnerability
Description XML-RPC for PHP is affected by a remote code-injection vulnerability. An attacker may exploit this issue to execute arbitrary commands or code in the context of the webserver. This may facilitate various attacks, including unauthorized remote access. XML-RPC for PHP 1.1 and prior...
Microsoft Internet Explorer CVE-2019-0676 Information Disclosure Vulnerability
Description Microsoft Internet Explorer are prone to an information-disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Successful exploits will allow attackers to obtain sensitive information that may aid in further...
curl/libcURL CVE-2019-5482 Heap Buffer Overflow Vulnerability
Description curl/libcURL is prone a heap-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. libcurl versions 7.19.4 through 7.65.3...
Microsoft Windows CVE-2018-0886 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 Version 1607 f...
PHP CVE-2019-11049 Remote Denial Of Service Vulnerability
Description PHP is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service condition. Technologies Affected PHP PHP 7.0 PHP PHP 7.0.0 PHP PHP 7.0.1 PHP PHP 7.0.10 PHP PHP 7.0.11 PHP PHP 7.0.12 PHP PHP 7.0.13 PHP PHP 7.0.14 PHP PHP 7.0.15 PH...
Microsoft Windows Graphics Component CVE-2016-3216 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems...
Microsoft ASN.1 Library Length Integer Mishandling Memory Corruption Vulnerability
Description A vulnerability has been reported in the Microsoft ASN.1 library. This issue is related to insufficient checking of data supplied via an externally supplied length field in ASN.1 BER encoded data. This could result in an excessive value being used in a heap allocation routine, allowin...
Microsoft Word CVE-2019-1461 Remote Denial of Service Vulnerability
Description Microsoft Word is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2 Microsoft Office 2019 for 32-bit...