Lucene search
+L
SymantecRecent

6867 matches found

symantec
symantec
•added 2019/11/12 12:0 a.m.•40 views

Microsoft Windows JET Database Engine CVE-2019-1406 Remote Code Execution Vulnerability

Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...

0.7AI score0.12439EPSS
Exploits0Affected Software3
symantec
symantec
•added 2019/11/12 12:0 a.m.•40 views

Microsoft Windows Hyper-V CVE-2019-0719 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10...

1.5AI score0.1068EPSS
Exploits0Affected Software2
symantec
symantec
•added 2019/11/12 12:0 a.m.•30 views

Microsoft Windows Graphics Component CVE-2019-1438 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Window...

2.1AI score0.00827EPSS
Exploits0Affected Software3
symantec
symantec
•added 2019/11/12 12:0 a.m.•36 views

Microsoft Windows Hyper-V CVE-2019-1310 Denial of Service Vulnerability

Description Microsoft Windows is prone to a denial of service vulnerability. An attacker can exploit this issue to crash the host machine, resulting in a denial of service condition. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows ...

0.5AI score0.05141EPSS
Exploits0Affected Software2
symantec
symantec
•added 2019/11/12 12:0 a.m.•25 views

Microsoft Edge Chakra Scripting Engine CVE-2019-1428 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...

0.6AI score0.09374EPSS
Exploits0
symantec
symantec
•added 2019/11/12 12:0 a.m.•34 views

Microsoft Windows Win32k CVE-2019-1434 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems...

1.3AI score0.00827EPSS
Exploits0Affected Software3
symantec
symantec
•added 2019/11/12 12:0 a.m.•43 views

Microsoft Internet Explorer Scripting Engine CVE-2019-1429 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 9, 10, and 11 are...

0.2AI score0.72626EPSS
Exploits3Affected Software1
symantec
symantec
•added 2019/11/12 12:0 a.m.•28 views

Microsoft Office Online CVE-2019-1445 Spoofing Vulnerability

Description Microsoft Office Online is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Office...

0.3AI score0.00751EPSS
Exploits0
symantec
symantec
•added 2019/11/12 12:0 a.m.•55 views

Microsoft Windows OpenType Fonts CVE-2019-1456 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Window...

0.2AI score0.09071EPSS
Exploits0Affected Software3
symantec
symantec
•added 2019/11/12 12:0 a.m.•31 views

Microsoft Windows 'Win32k' CVE-2019-1408 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

2AI score0.01324EPSS
Exploits0Affected Software3
symantec
symantec
•added 2019/11/12 12:0 a.m.•26 views

McAfee Total Protection CVE-2019-3648 Local Privilege Escalation Vulnerability

Description Multiple McAfee products are prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. McAfee Total Protection MTP version 16.0.R22 and prior are vulnerable. Technologies Affected McAfee Total Protection 16.0.R17 McAfee Total...

2.5AI score0.00661EPSS
Exploits0References1Affected Software1
symantec
symantec
•added 2019/11/12 12:0 a.m.•34 views

SAP Treasury and Risk Management CVE-2019-0384 Remote Authorization Bypass Vulnerability

Description SAP Treasury and Risk Management is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP EA-FINSERV 6.0 SAP EA-FINSERV 6.03 SAP EA-FINSE...

0.8AI score0.00887EPSS
Exploits0References1Affected Software2
symantec
symantec
•added 2019/11/12 12:0 a.m.•23 views

Microsoft Windows Subsystem for Linux CVE-2019-1416 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit...

2.9AI score0.0045EPSS
Exploits0References1Affected Software2
symantec
symantec
•added 2019/11/12 12:0 a.m.•44 views

Microsoft Excel CVE-2019-1446 Information Disclosure Vulnerability

Description Microsoft Excel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Excel 2010 Service Pack 2 32-bit editions Microsoft Excel 2010 Service Pack 2 64-bit...

0.2AI score0.08357EPSS
Exploits0Affected Software4
symantec
symantec
•added 2019/11/12 12:0 a.m.•39 views

Microsoft Office CVE-2019-1402 Local Information Disclosure Vulnerability

Description Microsoft Office is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Office 2010 32-bit edition SP2 Microsoft Office 2010 64-bit edition SP2...

1AI score0.02365EPSS
Exploits0Affected Software1
symantec
symantec
•added 2019/11/12 12:0 a.m.•96 views

Microsoft Exchange Server CVE-2019-1373 Remote Code Execution Vulnerability

Description Microsoft Exchange Server is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

9.6AI score0.18161EPSS
Exploits0References1Affected Software1
symantec
symantec
•added 2019/11/12 12:0 a.m.•54 views

Microsoft Windows Netlogon CVE-2019-1424 Security Bypass Vulnerability

Description Microsoft Windows Netlogon is prone to a security bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. Technologie...

0.7AI score0.02574EPSS
Exploits0Affected Software3
symantec
symantec
•added 2019/11/12 12:0 a.m.•43 views

Microsoft Windows Win32k CVE-2019-1436 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

1.3AI score0.01659EPSS
Exploits0Affected Software2
symantec
symantec
•added 2019/11/12 12:0 a.m.•23 views

Siemens Desigo PX CVE-2019-13927 Denial of Service Vulnerability

Description Siemens Desigo PX is prone to denial of service vulnerability Remote attackers may exploit this issue to cause denial-of-service conditions. Technologies Affected Siemens Desigo PX PXA40-W0 Siemens Desigo PX PXA40-W1 Siemens Desigo PX PXA40-W2 Siemens Desigo PX PXC00-E.D Siemens Desig...

0.5AI score0.01675EPSS
Exploits5References1
symantec
symantec
•added 2019/11/12 12:0 a.m.•20 views

Adobe Bridge CC APSB19-53 Multiple Unspecified Memory Corruption Vulnerabilities

Description Adobe Bridge CC is prone to multiple unspecified memory-corruption vulnerabilities. Attackers can exploit these issues to obtain sensitive information that may aid in further attacks. Adobe Bridge CC 9.1 is vulnerable. Technologies Affected Adobe Bridge CC 9.1 Recommendations Deploy...

0.2AI score
Exploits0Affected Software1
symantec
symantec
•added 2019/11/12 12:0 a.m.•36 views

SAP BusinessObjects BI Platform CVE-2019-0396 XML External Entity Injection Vulnerability

Description SAP BusinessObjects Business Intelligence Platform is prone to an XML External Entity injection vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service condition. SAP BusinessObjects Business Intelligence Platform versions 4.1...

0.1AI score0.00897EPSS
Exploits0References1Affected Software1
symantec
symantec
•added 2019/11/12 12:0 a.m.•85 views

Multiple Cisco Products CVE-2019-15992 Remote Code Execution Vulnerability

Description Multiple Cisco Products are prone to a remote code-execution vulnerability. Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the application. This issue is being tracked by Cisco Bug IDs CSCvr85295 and CSCvr96680 . Technologies...

1AI score0.04122EPSS
Exploits0References1Affected Software1
symantec
symantec
•added 2019/11/12 12:0 a.m.•29 views

SAP Business Objects Business Intelligence Platform CVE-2019-0382 Cross Site Scripting Vulnerability

Description SAP Business Objects Business Intelligence Platform is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...

0.4AI score0.00526EPSS
Exploits0References1Affected Software1
symantec
symantec
•added 2019/11/12 12:0 a.m.•29 views

Microsoft Office CVE-2019-1449 Security Bypass Vulnerability

Description Microsoft Office is prone to a security bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions; this may aid in launching further attacks. Technologies Affected Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editio...

0.5AI score0.06363EPSS
Exploits0Affected Software1
symantec
symantec
•added 2019/11/12 12:0 a.m.•36 views

Lenovo ThinkPad CVE-2019-6172 Remote Code Execution Vulnerability

Description Lenovo is prone to a remote code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Technologies Affected Lenovo Thinkpad Recommendations Block external access at the network boundary, unle...

0.7AI score0.00333EPSS
Exploits0References1
symantec
symantec
•added 2019/11/12 12:0 a.m.•94 views

Lenovo ThinkPad CVE-2019-6170 Remote Code Execution Vulnerability

Description Lenovo ThinkPad is prone to a remote code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Technologies Affected Lenovo Thinkpad Recommendations Block external access at the network...

0.8AI score0.0035EPSS
Exploits0References1
symantec
symantec
•added 2019/11/12 12:0 a.m.•15 views

McAfee Advanced Threat Defense SB10304 Multiple Security Vulnerabilities

Description McAfee Advanced Threat Defense is prone to the following security vulnerabilities: 1. Multiple information disclosure vulnerabilities. 2. A remote command execution vulnerability 3. Directory-traversal vulnerability. 4. An SQL-injection vulnerability. 5. A security vulnerability...

7.9AI score
Exploits0References1Affected Software1
symantec
symantec
•added 2019/11/12 12:0 a.m.•102 views

Microsoft Excel CVE-2019-1448 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

0.8AI score0.28178EPSS
Exploits0Affected Software2
symantec
symantec
•added 2019/11/12 12:0 a.m.•31 views

Microsoft Windows Data Sharing Service CVE-2019-1383 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windo...

2.6AI score0.00713EPSS
Exploits0Affected Software2
symantec
symantec
•added 2019/11/12 12:0 a.m.•31 views

Microsoft Windows CVE-2019-1384 Security Bypass Vulnerability

Description Microsoft Windows is prone to a security bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions. This may lead to other attacks. Technologies Affected Microsoft Windows 10 Version 1607 for...

0.7AI score0.06112EPSS
Exploits0Affected Software3
symantec
symantec
•added 2019/11/12 12:0 a.m.•31 views

Microsoft Windows Remote Procedure Call CVE-2019-1409 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...

1.2AI score0.01307EPSS
Exploits0Affected Software3
symantec
symantec
•added 2019/11/12 12:0 a.m.•31 views

Microsoft Windows Installer CVE-2019-1415 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

2.4AI score0.00786EPSS
Exploits0Affected Software3
symantec
symantec
•added 2019/11/12 12:0 a.m.•101 views

Intel Xeon Scalable Processors CVE-2019-11139 Denial of Service Vulnerability

Description Intel Xeon Scalable Processors are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Intel Xeon Scalable Processors Redhat Enterprise Linux 5 Redhat Enterprise Linux 6 Redhat Enterprise Linux 7...

1.7AI score0.00356EPSS
Exploits0References1Affected Software2
symantec
symantec
•added 2019/11/12 12:0 a.m.•35 views

SAP Enable Now CVE-2019-0385 Unspecified Cross Site Scripting Vulnerability

Description SAP Enable Now is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...

0.8AI score0.00526EPSS
Exploits0References1Affected Software1
symantec
symantec
•added 2019/11/12 12:0 a.m.•40 views

Microsoft SharePoint CVE-2019-1443 Information Disclosure Vulnerability

Description Microsoft SharePoint is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2010 SP2...

0.6AI score0.0537EPSS
Exploits0Affected Software3
symantec
symantec
•added 2019/11/12 12:0 a.m.•39 views

Microsoft Windows AppX Deployment Extensions CVE-2019-1385 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft...

2.4AI score0.03595EPSS
Exploits4Affected Software2
symantec
symantec
•added 2019/11/12 12:0 a.m.•37 views

Microsoft Windows 'ATMFD.dll' CVE-2019-1412 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Syste...

1.4AI score0.0159EPSS
Exploits0Affected Software3
symantec
symantec
•added 2019/11/12 12:0 a.m.•31 views

TIBCO EBX Add-on CVE-2019-17332 Cross Site Scripting Vulnerability

Description TIBCO EBX Add-on is prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let t...

0.2AI score0.00717EPSS
Exploits0References1Affected Software1
symantec
symantec
•added 2019/11/12 12:0 a.m.•29 views

Microsoft Windows Hyper-V CVE-2019-1389 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10...

1.3AI score0.04029EPSS
Exploits0Affected Software2
symantec
symantec
•added 2019/11/12 12:0 a.m.•50 views

Microsoft Azure Stack CVE-2019-1234 Spoofing Vulnerability

Description Microsoft Azure Stack is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Azure Stac...

0.4AI score0.57938EPSS
Exploits0
symantec
symantec
•added 2019/11/12 12:0 a.m.•32 views

Microsoft Windows CVE-2019-1423 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges and execute arbitrary code. Technologies Affected Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for...

3.6AI score0.01333EPSS
Exploits0Affected Software2
symantec
symantec
•added 2019/11/12 12:0 a.m.•40 views

Microsoft Windows Win32k Graphics CVE-2019-1441 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected Microsoft Windows ...

0.3AI score0.11953EPSS
Exploits0Affected Software2
symantec
symantec
•added 2019/11/12 12:0 a.m.•37 views

Microsoft Windows Win32k CVE-2019-1396 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

2AI score0.01131EPSS
Exploits0Affected Software3
symantec
symantec
•added 2019/11/12 12:0 a.m.•37 views

Microsoft Windows GDI CVE-2019-1439 Information Disclosure Vulnerability

Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...

7.9AI score0.75859EPSS
Exploits0Affected Software3
symantec
symantec
•added 2019/11/12 12:0 a.m.•41 views

SAP ERP Sales and S/4HANA Sales CVE-2019-0386 Remote Authorization Bypass Vulnerability

Description SAP ERP Sales and S/4HANA Sales are prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP Erp 6.0 SAP Erp 6.02 SAP Erp 6.03 SAP Erp 6.04...

1.4AI score0.00737EPSS
Exploits0References1Affected Software2
symantec
symantec
•added 2019/11/12 12:0 a.m.•28 views

Microsoft Edge Chakra Scripting Engine CVE-2019-1427 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...

1AI score0.09374EPSS
Exploits0
symantec
symantec
•added 2019/11/12 12:0 a.m.•32 views

McAfee Data Loss Prevention CVE-2019-3640 Information Disclosure Vulnerability

Description McAfee Data Loss Prevention is prone to an information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information by sniffing the traffic through a man-in-the-middle attack. Successful exploits will lead to other attacks. McAfee Data Loss...

0.8AI score0.00528EPSS
Exploits0References1Affected Software1
symantec
symantec
•added 2019/11/12 12:0 a.m.•29 views

Microsoft Windows Win32k CVE-2019-1395 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

2AI score0.01131EPSS
Exploits0Affected Software3
symantec
symantec
•added 2019/11/12 12:0 a.m.•30 views

Microsoft Windows DirectWrite CVE-2019-1432 Information Disclosure Vulnerability

Description Microsoft Windows is prone to an information-disclosure vulnerability. An attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1...

7.6AI score0.0521EPSS
Exploits0Affected Software3
symantec
symantec
•added 2019/11/12 12:0 a.m.•29 views

Microsoft Windows Win32k CVE-2019-1440 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10...

1.3AI score0.01954EPSS
Exploits0Affected Software2
Total number of security vulnerabilities6867