6867 matches found
Microsoft ChakraCore Scripting Engine CVE-2018-8541 Remote Memory Corruption Vulnerability
Description Microsoft ChakraCore is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore...
Microsoft SharePoint Server CVE-2018-8572 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsof...
Microsoft Outlook CVE-2018-8582 Remote Code Execution Vulnerability
Description Microsoft Outlook is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the affected system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Office 2019 for 32-bi...
Microsoft Windows COM CVE-2018-8550 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...
Microsoft Internet Explorer CVE-2018-8552 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory corruption vulnerability. An attacker can exploit this issue to gain access to sensitive information or cause denial of service conditions. Other attacks are also possible. Technologies Affected Microsoft Internet Explorer 10 Microsoft...
Microsoft Dynamics 365 CVE-2018-8609 Remote Code Execution Vulnerability
Description Microsoft Dynamics 365 is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the SQL service account. Failed exploit attempts will result in denial-of-service conditions. Technologies Affected Microsoft Dynamics...
Microsoft Outlook CVE-2018-8524 Remote Code Execution Vulnerability
Description Microsoft Outlook is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Office 2019...
Microsoft Windows JScript Security Feature CVE-2018-8417 Local Security Bypass Vulnerability
Description Microsoft Windows is prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems...
Microsoft Windows Kernel CVE-2018-8408 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft ChakraCore Scripting Engine CVE-2018-8588 Remote Memory Corruption Vulnerability
Description Microsoft ChakraCore is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore...
Microsoft ChakraCore Scripting Engine CVE-2018-8556 Remote Memory Corruption Vulnerability
Description Microsoft ChakraCore is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore...
Microsoft Windows DirectX CVE-2018-8485 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windo...
Microsoft Team Foundation Server CVE-2018-8529 Remote Code Execution Vulnerability
Description Microsoft Team Foundation Server is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. Technologies Affected Microso...
Microsoft Windows Graphics Component CVE-2018-8553 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code on a target system. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft Windows 10 Version 1607 fo...
Microsoft Active Directory Federation Services CVE-2018-8547 Cross-Site Scripting Vulnerability
Description Microsoft Active Directory Federation Services is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...
Microsoft Dynamics 365 CVE-2018-8605 Cross Site Scripting Vulnerability
Description Microsoft Dynamics 365 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
Microsoft Excel CVE-2018-8577 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Windows DirectX CVE-2018-8554 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windo...
Microsoft Windows DirectX CVE-2018-8561 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windo...
Microsoft Powershell CVE-2018-8415 Tampering Security Bypass Vulnerability
Description Microsoft Powershell is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft PowerShell Core 6.0.0 Microsoft PowerShell Core 6.1.0 Microsoft Windows 10...
Microsoft Word CVE-2018-8539 Remote Code Execution Vulnerability
Description Microsoft Word is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Windows VBScript Engine CVE-2018-8544 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the current user. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version...
Microsoft Windows MSRPC CVE-2018-8407 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...
Microsoft ChakraCore Scripting Engine CVE-2018-8557 Remote Memory Corruption Vulnerability
Description Microsoft ChakraCore is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore...
Microsoft Windows Audio Service CVE-2018-8454 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attackers can exploit this issue to obtain sensitive information. This may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10...
Apache HTTP Server Vulnerabilities Jul 2017 - Sep 2018
SUMMARY Symantec Network Protection products using affected versions of Apache httpd are susceptible to multiple security vulnerabilities. A remote attacker can obtain sensitive information, bypass intended security restrictions, modify session information in CGI applications, replay authenticate...
OpenSSL CVE-2018-0734 Side Channel Attack Information Disclosure Vulnerability
Description OpenSSL is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information. This may aid in further attacks. Technologies Affected Bluecoat BCAAA 6.1 IBM AIX 5.3 IBM AIX 6.1 IBM AIX 7.1 IBM Aix 7.2 IBM DataPower Gateway...
FasterXML Jackson-databind Polymorphic Deserialization Multiple Security Vulnerability
Description FasterXML Jackson-databind is prone to multiple security vulnerabilities. Successfully exploiting these issues may allow an attacker to execute arbitrary code, bypass certain security restrictions, perform unauthorized actions or obtain potentially sensitive information. Failed exploi...
GitLab CVE-2018-19495 Server Side Request Forgery Security Bypass Vulnerability
Description GitLab is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. GitLab versions prior to 11.3.11, 11.4.x prior to 11.4.8 and 11.5.x prior to 11.5.1 are vulnerable...
Ruby OpenSSL CVE-2018-16395 Certificate Validation Security Bypass Vulnerability
Description Ruby OpenSSL is prone to a security-bypass vulnerability. An attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Technologies Affected Oracle Communications Interactive Session Recorder 6.0 Oracle...
Reflected XSS Vulnerability in Web Isolation
SUMMARY Symantec Web Isolation WI is susceptible to a reflected cross-site scripting XSS vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript cod...
Spring Framework CVE-2018-15756 Denial-Of-Service Vulnerability
...
Oracle Enterprise Manager Ops Center CVE-2016-4000 Remote Security Vulnerability
Description Oracle Enterprise Manager Ops Center is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Networking Jython' component is affected. This vulnerability affects the following supported versions: 12.2.2, 12.3.3 Technologies Affect...
Apache Tomcat Vulnerabilities Jan-Aug 2018
SUMMARY Symantec Network Protection products using affected versions of Apache Tomcat are susceptible to multiple security vulnerabilities. A remote attacker, with access to the management interface, can gain unauthorized access to a web application resource or cause denial of service in the Tomc...
OpenSSL Vulnerabilities 16-Apr-2018 and 12-Jun-2018
SUMMARY Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities. A malicious SSL/TLS server can send large DH parameters during connections using DH/DHE cipher suites and cause denial-of-service in the SSL/TLS client. A local attacker can...
Microsoft Windows Graphics Component CVE-2018-8432 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Excel Viewer...
Microsoft Azure IoT Device Client SDK CVE-2018-8531 Remote Memory Corruption Vulnerability
Description Microsoft Azure IoT Device Client SDK is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsof...
Microsoft Windows CVE-2018-8333 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...
Microsoft SharePoint Server CVE-2018-8518 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsof...
Microsoft Windows TCP/IP CVE-2018-8493 Information Disclosure Vulnerability
Description Microsoft Windows is prone to a information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 160...
Microsoft PowerPoint CVE-2018-8501 Security Bypass Vulnerability
Description Microsoft PowerPoint is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code in the context of the affected application; this may aid in launching further attacks. Technologies Affected Microso...
Microsoft Windows DirectX CVE-2018-8486 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft .NET Core CVE-2018-8292 Information Disclosure Vulnerability
Description The Microsoft .NET Core is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information. Successful exploits will lead to other attacks. Technologies Affected Microsoft .NET Core 1.0 Microsoft .NET Core 1.1 Microsoft .NET Core 2....
Microsoft Exchange Server CVE-2018-8448 Remote Privilege Escalation Vulnerability
Description Microsoft Exchange Server is prone to a remote privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Exchange Server 2013 Cumulative Update 21 Microsoft Exchange Server 2016 Cumulative Update 10 Recommendation...
Microsoft SQL Server Management Studio CVE-2018-8533 Information Disclosure Vulnerability
Description Microsoft SQL Server Management Studio is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SQL Server Management Studio 17.9 Microsoft SQL Server...
Microsoft Windows DirectX Graphics Kernel CVE-2018-8484 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to run processes with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Syste...
Microsoft Windows Subsystem for Linux CVE-2018-8329 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based...
Microsoft Edge Chakra Scripting Engine CVE-2018-8503 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows Media Player CVE-2018-8481 Information Disclosure Vulnerability
Description Microsoft Windows Media Player is prone to a information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 1...
Microsoft Edge Chakra Scripting Engine CVE-2018-8511 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...