6867 matches found
Microsoft Skype for Android CVE-2019-0932 Information Disclosure Vulnerability
Description Microsoft Skype for Android is prone to a information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Skype for Android 8.35 Recommendations Run all software as a...
Microsoft SQL Server CVE-2019-0819 Information Disclosure Vulnerability
Description Microsoft SQL Server is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SQL Server 2017 for x64-based Systems Recommendations Block external access at...
Microsoft Excel CVE-2019-1448 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Windows Code Integrity Module CVE-2019-1344 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
HTTP/2 CVE-2019-9517 Remote Denial of Service Vulnerability
Description HTTP/2 is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to consume excess memory, denying service to legitimate users. Technologies Affected Apache Apache 2.4.20 Apache Apache 2.4.23 Apache Apache 2.4.25 Apache Apache 2.4.26 Apache Apache 2.4.27...
Microsoft .NET Framework and Visual Studio CVE-2019-0613 Remote Code Execution Vulnerability
Description Microsoft .NET Framework and Visual Studio is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts may result in a denial of service condition. Technologies Affected...
Microsoft Internet Explorer and Edge CVE-2015-6161 ASLR Security Bypass Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. The following products are vulnerable:...
Multiple QNAP Products NAS-201911-27 Multiple Security Vulnerabilities
Description Multiple QNAP products are prone to multiple security vulnerabilities because they fail to properly sanitize user-supplied input. An attacker may leverage these issues to gain unauthorized access to the affected device and execute arbitrary script code in the browser of an unsuspectin...
Symantec Endpoint Protection SONAR Component CVE-2019-12752 Security Bypass Vulnerability
Description Symantec Endpoint Protection is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. Symantec Endpoint Protection versions prior to 12.0.2 are vulnerable. Technologi...
Microsoft Windows CVE-2019-1322 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft...
Intel Xeon Scalable Processors CVE-2019-11139 Denial of Service Vulnerability
Description Intel Xeon Scalable Processors are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Intel Xeon Scalable Processors Redhat Enterprise Linux 5 Redhat Enterprise Linux 6 Redhat Enterprise Linux 7...
Microsoft Windows CVE-2019-1166 NTLM Tampering Security Bypass Vulnerability
Description Microsoft Windows is prone to a security bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. Technologies Affecte...
Microsoft Word CVE-2019-1201 Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
libxslt CVE-2019-11068 Security Bypass Vulnerability
Description libxslt is prone to a security-bypass vulnerability. Attackers can leverage this issue to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Oracle JDKLinux Production Release 1.8.0 Update 221 Oracle JDKSolar...
Microsoft .NET Framework CVE-2018-0764 Remote Denial of Service Vulnerability
Description Microsoft .NET Framework is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial of service condition. Technologies Affected Microsoft .NET Framework 2.0 SP2 Microsoft .NET Framework 3.0 SP2 Microsoft .NET Framework 3.5 Microsoft .NET...
Microsoft Windows CVE-2017-0102 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...
Multiple Fortinet Products CVE-2018-9195 Hardcoded Cryptographic Key Vulnerability
Description Multiple Fortinet products are prone to a hard-coded cryptographic key vulnerability. An attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. The following Fortinet products are affected:...
Microsoft Excel CVE-2019-1331 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Internet Explorer CVE-2019-0752 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 10 and 11 are...
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-7255 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Microsoft SQL Server CVE-2016-7254 Privilege Escalation Vulnerability
Description Microsoft SQL Server is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft SQL Server 2012 for 32-bit Systems Service Pack 2 Microsoft SQL Server 2012 for 32-bit Systems Service Pack 3 Microsof...
Symantec Endpoint Protection Elevation of Privilege Issues
SUMMARY The management console for Symantec Endpoint Protection Manager SEPM is susceptible to OS command execution, Java code execution elevation of privilege. SEP clients are susceptible to a binary planting vulnerability that could result in arbitrary code running with system privileges on a...
Microsoft Windows Win32k CVE-2020-0624 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version...
Foxit Reader CVE-2019-5031 Remote Code Execution Vulnerability
Description Foxit Reader is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected Foxit Reader...
Microsoft Windows 'HTTP.sys' CVE-2019-9514 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected system to become unresponsive, resulting in a denial-of-service condition. Technologies Affected Apple SwiftNIO HTTP/2 1.0.0 Apple SwiftNIO HTTP/2 1.1.0 App...
Microsoft Windows 'DirectWrite' API CVE-2019-1128 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsof...
Microsoft Windows Graphics Component CVE-2017-0108 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Live Meeting...
Mozilla Firefox and Firefox ESR CVE-2019-17024 Remote Security Vulnerability
Description Mozilla Firefox and Firefox ESR are prone to a remote security vulnerability. Attackers can exploit this issue to execute arbitrary code or cause denial-of-service conditions. This may aid in further attacks. This issue is fixed in: Firefox 72 Firefox ESR 68.4 Technologies Affected...
PHP CVE-2019-11045 Multiple Unspecified Security Vulnerabilities
Description PHP is prone to multiple unspecified security vulnerabilities. An attacker can exploit these issues to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. PHP 7.2.0 through 7.2.26, 7.3.0 through 7.3.12 and 7.4.0 are...
Microsoft Windows Error Reporting CVE-2019-0863 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows ...
Linux Kernel CVE-2019-20096 Memory Leak Denial of Service Vulnerability
Description Linux Kernel is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. Linux Kernel versions prior to 5.1 are vulnerable. Technologies Affected Linux kernel 3.0 Linux kernel 3.0-rc1 Linux kernel 3.0.1 Linux kernel 3.0.18 Lin...
Microsoft Windows LSASS CVE-2017-0004 Denial of Service Vulnerability
Description Microsoft Windows LSASS is prone to a denial-of-service vulnerability. Successful exploitation of the issue will cause a denial of service on the target system's LSASS service, resulting in an automatic reboot of the system. Technologies Affected Microsoft Windows 7 for 32-bit Systems...
Microsoft Windows WebDAV CVE-2016-0051 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Failed exploit attempts will result in a denial of service condition. Technologies Affected Microsoft Windows 10 for...
Microsoft .NET Framework CVE-2020-0606 Remote Code Execution Vulnerability
Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
PHP CVE-2019-11047 Heap Buffer Overflow Vulnerability
Description PHP is prone to a heap-based buffer-overflow vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. PHP 7.2.x versions prior to 7.2.26, 7.3.x...
Microsoft Exchange Server CVE-2019-1373 Remote Code Execution Vulnerability
Description Microsoft Exchange Server is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
Microsoft Windows Kernel CVE-2019-1345 Local Information Disclosure Vulnerability
Description Microsoft Windows Kernel is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Windows ALPC CVE-2019-1162 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code in the security context of the local system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
Microsoft Office SharePoint CVE-2019-1036 Cross Site Scripting Vulnerability
Description Microsoft Office SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
Microsoft Word PDF CVE-2018-8430 Remote Code Execution Vulnerability
Description Microsoft Word PDF is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microso...
Adobe Flash Player CVE-2014-0497 Remote Code Execution Vulnerability
Description Adobe Flash Player is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...
Linux Kernel CVE-2019-19241 Privilege Escalation Vulnerability
Description Linux Kernel is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Linux Kernel version 5.3 is vulnerable; other versions may also be affected. Technologies Affected Linux kernel 5.3 Recommendations Permit local access for...
Lenovo ThinkPad CVE-2019-6170 Remote Code Execution Vulnerability
Description Lenovo ThinkPad is prone to a remote code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Technologies Affected Lenovo Thinkpad Recommendations Block external access at the network...
Microsoft Azure Automation CVE-2019-0962 Local Privilege Escalation Vulnerability
Description Microsoft Azure Automation is prone to a local privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsoft Azure Automation Recommendations Permit local access for...
Microsoft Visual Studio CVE-2019-1077 Local Privilege Escalation Vulnerability
Description Microsoft Visual Studio is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Visual Studio 2017 15.9 Microsoft Visual Studio 2019 16.0 Microsoft Visual Studio 2019 16.1 Recommendations...
Microsoft Windows LNK CVE-2018-8345 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks may cause denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit...
Microsoft Remote Desktop Protocol CVE-2015-2373 Remote Code Execution Vulnerability
Description Microsoft Remote Desktop Protocol is prone to a remote code-execution vulnerability. Successful exploits will allow the attacker to execute arbitrary code in the context of the affected process. This may facilitate a complete system compromise. Failed attacks may cause denial-of-servi...
Microsoft Windows Remote Desktop Protocol CVE-2014-6318 Security Bypass Vulnerability
Description Microsoft Windows Remote Desktop Protocol is prone to a security-bypass vulnerability. Successful exploits may allow an attacker to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Microsoft Windows...
OpenSSL Vulnerabilities Mar 2021
Summary Symantec Network and Information Security NIS products using affected versions of OpenSSL may be susceptible to two vulnerabilities. A remote attacker may be able to cause denial of service through application crashes. An application may successfully validate an invalid X.509 certificate...
Linux Kernel CVE-2019-17133 Buffer Overflow Vulnerability
Description Linux Kernel is prone to a buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code on the affected application. Failed attempts will likely cause a denial-of-service condition. Linux kernel versions through 5.3.2 are vulnerable. Technologies Affected...