6867 matches found
Google Chrome CVE-2019-13692 Security Bypass Vulnerability
Description Google Chrome is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks. Versions prior to Chrome 77.0.3865.75 are vulnerable. Technologies Affected Google...
Microsoft Windows Audio Service CVE-2019-1277 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit...
Microsoft Windows Graphics Component CVE-2019-1283 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Syste...
Microsoft Excel CVE-2019-1263 Information Disclosure Vulnerability
Description Microsoft Excel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Excel 2010 Service Pack 2 32-bit editions Microsoft Excel 2010 Service Pack 2 64-bit...
IBM WebSphere Application Server CVE-2019-4442 Directory Traversal Vulnerability
Description IBM WebSphere Application Server is prone to a directory-traversal vulnerability. An attacker can exploit this issue using directory-traversal characters '../' to access and write arbitrary files or to execute arbitrary files. IBM WebSphere Application Server version 9.0, 8.5, 8.0 and...
lodash CVE-2019-1010266 Denial of Service Vulnerability
Description lodash is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition. lodash versions prior to 4.17.11 are vulnerable. Technologies Affected Cisco Application Policy Infrastructure Controller APIC IBM Cloud Private 3.2.0 CD IBM...
Redhat 3scale API Management CVE-2019-14849 Information Disclosure Vulnerability
Description Redhat 3scale API Management is prone to an information-disclosure vulnerability Remote attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Redhat 3scale API Management versions 2.6 and prior are vulnerable. Technologies Affected Redhat...
Microsoft Windows CVE-2019-1179 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems...
Microsoft Windows Graphics Component CVE-2019-1158 Information Disclosure Vulnerability
Description Microsoft Windows is prone to a information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 160...
Microsoft Outlook CVE-2019-1200 Remote Code Execution Vulnerability
Description Microsoft Outlook is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Office 2019...
Microsoft Windows Kernel CVE-2019-1227 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version...
Foxit PhantomPDF CVE-2019-17139 Out of Bounds Write Remote Code Execution Vulnerability
Description Foxit PhantomPDF is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application or gain sensitive information. Failed exploit attempts will likely cause a denial-of-service condition...
Microsoft Windows 'dnsrlvr.dll' CVE-2019-1090 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Technologies Affected Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based...
Microsoft Windows GDI Component CVE-2019-1094 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Symantec Messaging Gateway Privilege Escalation
SUMMARY Symantec has released an update to address an issue that was discovered in the Symantec Messaging Gateway SMG product. AFFECTED PRODUCTS Symantec Messaging Gateway SMG --- CVE | Affected Versions | Remediation CVE-2019-12751 | Prior to 10.7.1 | Upgrade to 10.7.1 ISSUES CVE-2019-12751 ---...
Atlassian JIRA CVE-2019-3401 Information Disclosure Vulnerability
Description Atlassian JIRA is prone to an information-disclosure vulnerability. Successful exploits of this issue lead to the disclosure of sensitive information which may aid in launching further attacks. Jira versions prior to 7.13.3 and 8.0.0 through and prior to 8.1.1 are vulnerable...
Microsoft Azure DevOps Server CVE-2019-0857 Spoofing Vulnerability
Description Microsoft Azure DevOps Server is prone to a spoofing vulnerability. An attacker can exploit this issue to conduct spoofing attacks and to bypass certain security restrictions and perform unauthorized actions. This may lead to other attacks. Technologies Affected Microsoft Azure DevOps...
Microsoft Edge Chakra Scripting Engine CVE-2019-0812 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Edge Chakra Scripting Engine CVE-2019-0611 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Internet Explorer CVE-2019-0763 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 10 and 11 are...
Xen CVE-2019-17347 Denial of Service Vulnerability
Description Xen is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition or gain elevated privileges. Xen Xen version 4.1 and later are vulnerable. Technologies Affected Xen Xen 4.1 Xen Xen 4.1.0 Xen Xen 4.1.1 Xen Xen 4.1.2 Xen Xen...
Microsoft Visual Studio CVE-2019-0728 Remote Code Execution Vulnerability
Description Microsoft Visual Studio is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the current-user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft Visu...
Microsoft Windows Subsystem for Linux CVE-2019-0553 Local Information Disclosure Vulnerability
Description Microsoft Windows Subsystem for Linux is prone to a local information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft...
Microsoft Chakra Scripting Engine CVE-2019-0539 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft ChakraCore Scripting Engine CVE-2018-8354 Remote Memory Corruption Vulnerability
Description Microsoft ChakraCore Scripting Engine is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsof...
Adobe Acrobat and Reader APSB18-29 Multiple Arbitrary Code Execution Vulnerabilities
Description Adobe Acrobat and Reader are prone to multiple arbitrary code-execution vulnerabilities. Successfully exploiting these issues allows attackers to execute arbitrary code in the context of the current user. Failed exploits will result in denial-of-service conditions. The following...
Microsoft Edge CVE-2018-8370 Information Disclosure Vulnerability
Description Microsoft Edge is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Edge Recommendations Run all software as a nonprivileged user with minimal acce...
Microsoft Windows Kernel CVE-2018-8341 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft ChakraCore Scripting Engine CVE-2018-8276 Security Bypass Vulnerability
Description Microsoft ChakraCore is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application; this may aid in launching further attacks. Technologies...
Microsoft Internet Explorer and Edge CVE-2018-8291 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to an remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Successfully exploiting this issue allows remote attackers to execute arbitrary code in...
Microsoft Windows Kernel CVE-2018-8121 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Windows Device Guard CVE-2018-8211 Local Security Bypass Vulnerability
Description Microsoft Windows is prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems...
Microsoft Edge CVE-2018-8111 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Edge Recommendations...
Microsoft Internet Explorer CVE-2018-0978 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 9, 10 and 11 are...
Microsoft Windows Device Guard CVE-2018-8217 Local Security Bypass Vulnerability
Description Microsoft Windows is prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems...
Microsoft Windows Device Guard CVE-2018-8212 Local Security Bypass Vulnerability
Description Microsoft Windows is prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems...
Microsoft Internet Explorer Scripting Engine CVE-2018-8114 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Internet...
Microsoft Internet Explorer and Edge CVE-2018-1025 Information Disclosure Vulnerability
Description Microsoft Internet Explorer and Edge are prone to an information-disclosure vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successful exploits will allow attackers to obtain sensitive information that may aid in...
Microsoft Windows Kernel CVE-2018-0887 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems...
Microsoft Windows SNMP Service CVE-2018-0967 Denial of Service Vulnerability
Description Microsoft Windows SNMP Service is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the target service to stop responding, denying service to legitimate users. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft...
Microsoft SharePoint Server CVE-2018-0915 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsof...
Microsoft Windows Kernel CVE-2018-0898 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Edge CVE-2018-0879 Information Disclosure Vulnerability
Description Microsoft Edge is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Edge Recommendations Run all software as a nonprivileged user with minimal acce...
Microsoft SharePoint Server CVE-2018-0864 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsof...
Microsoft Windows Scripting Engine CVE-2018-0847 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607...
Microsoft Windows Kernel CVE-2018-0829 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Edge Scripting Engine CVE-2018-0775 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Edge Recommendations...
Symantec Messaging Gateway Directory Traversal
SUMMARY Symantec has released an update to address one issue in the Symantec Messaging Gateway product. AFFECTED PRODUCTS Symantec Messaging Gateway SMG --- CVE | Affected Versions | Remediation CVE-2017-15532 | Prior to 10.6.4 | Upgrade to 10.6.4 ISSUES CVE-2017-15532 --- Severity/CVSSv3: | Medi...
Microsoft Edge Scripting Engine CVE-2017-11908 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Edge Scripting Engine CVE-2017-11910 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...