Lucene search
K
SymantecMost viewed

6867 matches found

Symantec
Symantec
•added 2007/06/06 12:0 a.m.•28 views

Yahoo! Messenger Webcam Viewer ActiveX Control Buffer Overflow Vulnerability

Description Yahoo! Messenger Webcam Viewer ActiveX control is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of applications th...

7.9AI score
Exploits0References4
Symantec
Symantec
•added 2007/02/23 12:0 a.m.•28 views

Microsoft Office Publisher Invalid Memory Reference Remote Code Execution Vulnerability

Description Microsoft Office Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting victim to open a maliciously crafted Publisher file. Successful exploits may allow attackers to execute arbitrary code with privileges of the us...

2.1AI score
Exploits0Affected Software2
Symantec
Symantec
•added 2006/10/10 12:0 a.m.•28 views

Microsoft PowerPoint Object Pointer Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. Exploiting this issue can allow remote attackers to execute arbitrary code on a vulnerable computer by supplying a malicious PowerPoint .ppt document to a user. Technologies Affected Microsoft Office 2000 Microsof...

8.2AI score
Exploits0References3Affected Software2
Symantec
Symantec
•added 2006/02/21 12:0 a.m.•28 views

Apple Mac OS X Archive Metadata Command Execution Vulnerability

Description Apple Mac OS X is prone to an arbitrary command-execution vulnerability when processing metadata in archive files. Commands would be executed in the context of the user opening the archive file. Attackers can reportedly use Safari and Apple Mail as exploitation vectors for this...

1.2AI score
Exploits0References2Affected Software2
Symantec
Symantec
•added 2005/04/12 12:0 a.m.•28 views

Microsoft Internet Explorer DHTML Object Race Condition Memory Corruption Vulnerability

Description A vulnerability in Microsoft Internet Explorer may allow remote attackers to execute arbitrary code in the context of users visiting malicious Web sites. This issue presents itself the affected application attempts to process certain script objects, a race condition may lead to the...

7.9AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2004/04/13 12:0 a.m.•28 views

Microsoft Windows Private Communications Transport Protocol Buffer Overrun Vulnerability

Description Various Microsoft Windows operating systems are prone to a remotely exploitable stack-based buffer overrun via the PCT Private Communications Transport protocol. Successful exploitation of this issue could allow a remote attacker to execute malicious code on a vulnerable system,...

7.5CVSS7.1AI score0.05141EPSS
Exploits0References5Affected Software7
Symantec
Symantec
•added 2003/11/11 12:0 a.m.•28 views

Microsoft FrontPage Server Extensions SmartHTML Interpreter Denial Of Service Vulnerability

Description A denial of service vulnerability has been reported in the SmartHTML interpreter component of FrontPage Server Extensions that may be exploited by remote attackers. This issue could be exploited to deny availability of CPU resources on the system, potentially causing a denial of servi...

7.3AI score
Exploits0References1Affected Software4
Symantec
Symantec
•added 2003/10/10 12:0 a.m.•28 views

Microsoft Windows RPCSS Multi-thread Race Condition Vulnerability

Description It has been reported that a variant attack in the RPCSS service of Microsoft Windows exists. Because of this, it may be possible for an attacker to mount denial of service attacks and execute arbitrary code on the affected system. The source of the issue is reportedly a multi-thread...

8.3AI score
Exploits0References7Affected Software7
Symantec
Symantec
•added 2003/07/01 12:0 a.m.•28 views

InterSystems Cache Insecure Default Permissions Vulnerability

Description It has been reported that the permissions set by default on the files and directories comprising InterSystems Cache are insecure. The permissions on directories allegedly allow for any user to overwrite any file. This creates many opportunities for local attackers to obtain root...

2.1AI score
Exploits0References3Affected Software1
Symantec
Symantec
•added 2003/06/19 12:0 a.m.•28 views

Multiple Sun Database Functions Buffer Overflow Vulnerabilities

Description Sun dbmopen, ndbm, dbm and dbminit library functions have been reported prone to buffer overflow vulnerabilities. Each of these issues likely present themselves due to a lack of sufficient bounds checking performed when copying externally supplied data into an internal memory buffer...

0.1AI score
Exploits0References3Affected Software3
Symantec
Symantec
•added 2001/01/22 12:0 a.m.•28 views

GoodTech FTP Server Denial of Service

Description GoodTech FTP Server is subject to a denial of service. If an attacker successfully makes an unusually large number of connections, the server will crash. Technologies Affected GoodTech FTP Server 95/98 3.0.1 GoodTech FTP Server NT/2000 3.0.1 GoodTech has addressed this issue in a new...

1.1AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2020/01/14 12:0 a.m.•27 views

Oracle GraalVM Enterprise Edition CVE-2020-2581 Local Security Vulnerability

Description Oracle GraalVM Enterprise Edition is prone to a local security vulnerability. The 'LLVM Interpreter' component is affected. This vulnerability affects the following supported versions: 19.3.0.2 Technologies Affected Oracle GraalVM Enterprise Edition 19.3.0.2 Recommendations Block...

2.1AI score0.00402EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2020/01/14 12:0 a.m.•27 views

Microsoft Windows Subsystem for Linux CVE-2020-0636 Local Privilege Escalation Vulnerability

Description Microsoft Windows Subsystem for Linux is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based...

2.7AI score0.0082EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2020/01/08 12:0 a.m.•27 views

Cisco UCS Director CVE-2019-16003 Information Disclosure Vulnerability

Description Cisco UCS Director is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. This issue is being tracked by Cisco bug ID CSCvr00602. Technologies Affected Cisco UCS Director 4.0.0.0 Cisco UC...

0.6AI score0.01221EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/12/19 12:0 a.m.•27 views

RedHat Ceph CVE-2019-19337 Remote Denial of Service Vulnerability

Description RedHat Ceph is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. Technologies Affected Redhat Ceph Storage 3 Redhat Ceph Storage 3.3 Redhat Ceph Storage MON 3 Redhat Ceph Storage MON for Power 3 Redhat Ceph Stora...

0.9AI score0.0132EPSS
Exploits0References2Affected Software6
Symantec
Symantec
•added 2019/12/19 12:0 a.m.•27 views

Telos AMHS Multiple Cross Site Scripting and Information Disclosure Vulnerabilities

Description Telos AMHS is prone to multiple cross-site scripting vulnerabilities and an information-disclosure vulnerability. An attacker may leverage these issues to obtain sensitive information or execute arbitrary script code in the browser of an unsuspecting user in the context of the affecte...

0.1AI score
Exploits0References1
Symantec
Symantec
•added 2019/12/12 12:0 a.m.•27 views

Equinox Control Expert CVE-2019-18234 SQL Injection Vulnerability

Description Equinox Control Expert is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying...

1.6AI score0.01889EPSS
Exploits0References1
Symantec
Symantec
•added 2019/12/11 12:0 a.m.•27 views

Drupal Modal Page Module SA-CONTRIB-2019-094 Unauthorized Access Vulnerability

Description The modal page module for Drupal is prone to an unauthorized-access vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Drupal Modal Page versions 8.x-2.4, 8.x-2.3,...

1.9AI score
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/12/11 12:0 a.m.•27 views

Libsixel CVE-2019-20022 Denial of Service Vulnerability

Description Libsixel is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the application; denying service to legitimate users. Libsixel versions prior to 1.8.3 are vulnerable. Technologies Affected Libsixel Libsixel 1.0.0 Libsixel Libsixel 1.1.0 Libsixel...

0.3AI score0.00933EPSS
Exploits1References2Affected Software1
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•27 views

Adobe Acrobat and Reader APSB19-55 Multiple Security Vulnerabilities

Description Adobe Acrobat and Reader are prone to multiple security vulnerabilities. Successfully exploiting these issues allow attackers to execute arbitrary code in the context of current user running the affected application and bypass security restrictions and perform unauthorized actions...

8.2AI score
Exploits0Affected Software2
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•27 views

Microsoft Windows OLE CVE-2019-1484 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

0.9AI score0.08859EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2019/12/10 12:0 a.m.•27 views

Siemens XHQ Operations Intelligence SSA-525454 Multiple Input Validation Vulnerabilities

Description Siemens XHQ Operations Intelligence is prone to multiple input-validation vulnerabilities. An attacker can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, o...

0.4AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/11/27 12:0 a.m.•27 views

Node.js 'lodahs' Package CVE-2019-19771 Unspecified Security Vulnerability

Description The 'lodahs' Package for Node.js is prone to an unspecified security vulnerability. Successfully exploiting this issue will allow attackers to perform unauthorized actions; this may aid in launching further attacks. Node.js lodahs version 1.0.0 is vulnerable Technologies Affected Node...

1.2AI score0.01257EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/11/20 12:0 a.m.•27 views

Cisco SD-WAN Solution CVE-2019-16002 Cross Site Request Forgery Vulnerability

Description Cisco SD-WAN Solution is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible. This issue is being tracked by Cisco Bu...

0.2AI score0.00671EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/11/19 12:0 a.m.•27 views

Microsoft Outlook for Android CVE-2019-1460 Spoofing Vulnerability

Description Microsoft Outlook for Android is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft...

0.2AI score0.01445EPSS
Exploits0
Symantec
Symantec
•added 2019/11/18 12:0 a.m.•27 views

Moodle CVE-2019-14881 Cross Site Scripting Vulnerability

Description Moodle is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attack...

6.6AI score0.01113EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•27 views

SAP Quality Management CVE-2019-0393 Unspecified SQL Injection Vulnerability

Description SAP Quality Management is prone to an unspecified SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent...

1.4AI score0.00692EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•27 views

Microsoft Windows Win32k CVE-2019-1395 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

2AI score0.01131EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2019/11/12 12:0 a.m.•27 views

Adobe Illustrator CVE-2019-7962 DLL Loading Privilege Escalation Vulnerability

Description Adobe Illustrator is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Adobe Illustrator CC version 23.1 and prior are vulnerable. Technologies Affected Adobe Illustrator CC 19 Adobe Illustrator CC 21 Adobe Illustrator CC 22...

1.9AI score0.00779EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/11/07 12:0 a.m.•27 views

FriBidi CVE-2019-18397 Stack Buffer Overflow Vulnerability

...

4.2AI score0.02182EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/11/04 12:0 a.m.•27 views

Google Android Library CVE-2019-2201 Remote Code Execution Vulnerability

Description Google Android is prone to a remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the affected application. This issue is being tracked by Android bug ID A-120551338. Technologies Affected Google Android 10.0 Google Androi...

1.2AI score0.02461EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/28 12:0 a.m.•27 views

Trend Micro Apex One CVE-2019-18188 Command Injection Vulnerability

Description Trend Micro Apex One is prone to a command-injection vulnerability because it fails to properly sanitize user-supplied input. Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts will...

0.1AI score0.04661EPSS
Exploits0
Symantec
Symantec
•added 2019/10/23 12:0 a.m.•27 views

IBM Cloud Orchestrator CVE-2019-4397 Information Disclosure Vulnerability

Description IBM Cloud Orchestrator is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. The following versions are affected: IBM Cloud Orchestrator 2.5, 2.5.0.1, 2.5.0.2, 2.5.0.3, 2.5.0.4...

0.5AI score0.00957EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•27 views

IBM Security Guardium Big Data Intelligence CVE-2019-4339 Information Disclosure Vulnerability

Description IBM Security Guardium Big Data Intelligence is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected IBM Security Guardium Big Data Intelligence 4.0 Recommendations Bloc...

5CVSS1.1AI score0.00976EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/10/17 12:0 a.m.•27 views

Multiple IBM Products CVE-2019-4546 Unauthorized Access Vulnerability

Description Multiple IBM Products are prone to an unauthorized-access vulnerability Attackers can exploit this issue to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. Technologies Affected IBM Maximo Asset Management IBM Maximo Health Safety and...

6.5CVSS7.2AI score0.0066EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/10/17 12:0 a.m.•27 views

GNU Guix CVE-2019-18192 Local Privilege Escalation Vulnerability

Description GNU Guix is prone to a local privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. GNU Guix version 1.0.1 is vulnerable; other versions may also be affected. Technologies Affected GNU Guix...

4.6CVSS2.2AI score0.00344EPSS
Exploits1References2Affected Software1
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•27 views

Cisco TelePresence CE Software CVE-2019-15274 Local Command Injection Vulnerability

Description Cisco TelePresence CE Software is prone to a local command-injection vulnerability. An attacker may exploit this issue to inject and execute arbitrary commands. This issue being tracked by Cisco Bug IDs CSCvq29893. Technologies Affected Cisco TelePresence CE Software 8.0.0 Cisco...

7.2CVSS1.3AI score0.00512EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•27 views

Oracle Database Server Multiple Remote Security Vulnerabilities

Description Oracle Database Server is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over the 'OracleNet' protocol. These vulnerabilities affects the following supported versions: 12.2.0.1, 18c and 19c Technologies Affected Oracle Database Server 12.2.0....

1.4AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•27 views

Oracle PeopleSoft Enterprise SCM eProcurement CVE-2019-3001 Remote Security Vulnerability

Description Oracle PeopleSoft Enterprise SCM eProcurement is prone to a remote security vulnerability. These vulnerabilities can be exploited over the 'HTTP' protocol. These vulnerabilities affect the following supported versions: 9.2 Technologies Affected Oracle PeopleSoft Enterprise SCM...

1AI score0.01479EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•27 views

Oracle Hospitality Cruise Dining Room Management CVE-2019-2953 Remote Security Vulnerability

Description Oracle Hospitality Cruise Dining Room Management is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. This vulnerability affects the following supported versions: 8.0.80 Technologies Affected Oracle Hospitality Cruise Dining Room...

0.3AI score0.01244EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/15 12:0 a.m.•27 views

Adobe Acrobat and Reader CVE-2019-8166 Arbitrary Code Execution Vulnerability

Description Adobe Acrobat and Reader are prone to an arbitrary code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of current user running the affected application. Failed exploits will result in denial-of-service conditions...

9.4AI score0.04101EPSS
Exploits0Affected Software6
Symantec
Symantec
•added 2019/10/09 12:0 a.m.•27 views

PHP 'Closure::bindTo' Memory Corruption Vulnerability

Description PHP is prone to a a memory-corruption vulnerability. Successful exploits may allow the attacker to cause denial-of-service condition. Versions prior to PHP 7.4.0 are vulnerable. Technologies Affected PHP PHP 7.3.0 PHP PHP 7.3.1 PHP PHP 7.3.10 PHP PHP 7.3.11 PHP PHP 7.3.2 PHP PHP 7.3.3...

1.3AI score
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/10/09 12:0 a.m.•27 views

Juniper Junos CVE-2019-0071 Local Security Bypass Vulnerability

Description Juniper Junos is prone to a local security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Junos OS versions 18.1R3-S4 and 18.3R1-S3 for EX2300, EX2300-C and EX3400 platforms are vulnerable. Technologies...

1.2AI score0.00185EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/04 12:0 a.m.•27 views

HP Access Control CVE-2019-6330 Unspecified Privilege Escalation Vulnerability

Description HP Access Control is prone to an unspecified privilege-escalation vulnerability. Attackers can leverage this issue to gain elevated privileges. Successful exploits may compromise affected computers. Note: Technical details are currently unavailable. We will update this BID as soon as...

1.2AI score0.02384EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/02 12:0 a.m.•27 views

Cisco Unified Contact Center Express CVE-2019-15259 HTTP Response Splitting Vulnerability

Description Cisco Unified Contact Center Express is prone to an HTTP response-splitting vulnerability. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into having a...

0.5AI score0.01057EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/01 12:0 a.m.•27 views

Palo Alto Networks Zingbox Inspector CVE-2019-15017 Security Vulnerability

Description Palo Alto Networks Zingbox Inspector is prone to a security vulnerability. An attacker can exploit this issue to gain unauthorized access to the vulnerable system and perform unauthorized actions. Versions prior to Zingbox Inspector 1.295 are vulnerable. Technologies Affected...

0.5AI score0.00356EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/09/25 12:0 a.m.•27 views

F5 BIG-IQ Centralized Management CVE-2019-6653 HTML Injection Vulnerability

Description F5 BIG-IQ Centralized Management is prone to an HTML-injection vulnerability because it fails to sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected site, potentially allowing the attacker to steal...

3.5CVSS0.00631EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/09/20 12:0 a.m.•27 views

Adobe Flash Player CVE-2019-8075 Security Bypass Vulnerability

Description Adobe Flash Player is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass security restrictions to obtain sensitive information; this may aid in launching further attacks. Technologies Affected Adobe Adobe Flash Player 11 11.7 Adobe Adobe Flash Player...

1.5AI score0.03011EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/09/10 12:0 a.m.•27 views

Microsoft Windows Hyper-V CVE-2019-0928 Denial of Service Vulnerability

Description Microsoft Windows is prone to a denial of service vulnerability. An attacker can exploit this issue to crash the host machine, resulting in a denial of service condition. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows ...

0.5AI score0.01721EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/09/10 12:0 a.m.•27 views

Microsoft Windows ALPC CVE-2019-1269 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code in the security context of the local system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...

2.5AI score0.00939EPSS
Exploits0Affected Software3
Total number of security vulnerabilities5000