6867 matches found
Microsoft Edge CVE-2017-11803 Information Disclosure Vulnerability
Description Microsoft Edge is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Edge Recommendations Run all software as a nonprivileged user with minimal acce...
Microsoft Edge Scripting Engine CVE-2017-11862 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Internet Explorer and Edge CVE-2017-11846 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currentl...
Microsoft Office CVE-2017-11882 Memory Corruption Vulnerability
Description Microsoft Office is prone to a memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft ASP.NET Core CVE-2017-11879 Open Redirection Vulnerability
Description Microsoft ASP.NET Core is prone to an open-redirection vulnerability because it fails to properly sanitize user-supplied input. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be...
Microsoft Office CVE-2017-11876 Cross Site Request Forgery Vulnerability
Description Microsoft Office is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions in the context of the affected application. Other attacks are also possible. Technologies Affected Microsoft Project Serve...
Adobe Acrobat and Reader Multiple Remote Code Execution Vulnerabilities
Description Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerability. Attackers can exploit these issues to execute arbitrary code in the context of the application. Failed attacks may cause a denial-of-service condition. Technologies Affected Adobe Acrobat 11.0 Adobe...
Microsoft Internet Explorer and Edge CVE-2017-11858 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currentl...
Microsoft Internet Explorer CVE-2017-11856 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 11 is vulnerable...
Microsoft Windows Kernel CVE-2017-11851 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft ASP.NET Core CVE-2017-8700 Information Disclosure Vulnerability
Description Microsoft ASP.NET Core is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. ASP.NET Core 1.0, and 1.1 are vulnerable. Technologies Affected Microsoft ASP.NET Core 1.0 Microsoft...
Microsoft Internet Explorer CVE-2017-11834 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft...
Microsoft Windows Kernel CVE-2017-11831 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Edge Content Security Policy CVE-2017-11863 Security Bypass Vulnerability
Description Microsoft Edge is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Microsoft Edge Recommendations Block external acces...
Adobe Acrobat and Reader APSB17-36 Multiple Remote Code Execution Vulnerabilities
Description Adobe Acrobat and Reader are prone to multiple remote code-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition...
Microsoft Windows Kernel CVE-2017-11880 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Office CVE-2017-11884 Memory Corruption Vulnerability
Description Microsoft Office is prone to a memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft Exc...
Microsoft Edge CVE-2017-11844 Information Disclosure Vulnerability
Description Microsoft Edge is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Edge Recommendations Run all software as a nonprivileged user with minimal acce...
Adobe Flash Player APSB17-33 Multiple Remote Code Execution Vulnerabilities
Description Adobe Flash Player is prone to multiple remote code-execution vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions...
Microsoft Windows Kernel CVE-2017-11853 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
Microsoft Internet Explorer CVE-2017-11869 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-i...
Microsoft Edge Scripting Engine CVE-2017-11870 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows Media Player CVE-2017-11768 Local Information Disclosure Vulnerability
Description Microsoft Windows Media Player is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Window...
Microsoft Edge CVE-2017-11872 Security Bypass Vulnerability
Description Microsoft Edge is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected Microsoft Edge Recommendations Block external acces...
Microsoft Edge Scripting Engine CVE-2017-11840 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Edge CVE-2017-11845 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Faile...
Microsoft Edge Scripting Engine CVE-2017-11871 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Edge CVE-2017-11833 Information Disclosure Vulnerability
Description Microsoft Edge is prone to an information disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Edge Recommendations Run all software as a nonprivileged user with minimal acce...
Microsoft Edge Scripting Engine CVE-2017-11836 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Excel CVE-2017-11877 Security Bypass Vulnerability
Description Microsoft Excel is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Microsoft Excel 2007 SP3 Microsoft Excel 20...
Microsoft Windows CVE-2017-11835 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems...
Microsoft ASP.NET Core CVE-2017-11770 Denial of Service Vulnerability
Description Microsoft ASP.NET Core is prone to a remote denial of service vulnerability. An attacker can exploit this issue to cause a denial of service condition. ASP.NET Core 1.0, 1.1 and 2.0 are vulnerable. Technologies Affected Microsoft ASP.NET Core 1.0 Microsoft ASP.NET Core 1.1 Microsoft...
Symantec Endpoint Encryption Various Issues
SUMMARY Symantec has released an update to address two issues in the Symantec Endpoint Encryption product. AFFECTED PRODUCTS Symantec Endpoint Encryption SEE --- CVE | Affected Versions | Remediation CVE-2017-15525 CVE-2017-15526 | Prior to 11.1.3MP1 | Upgrade to 11.1.3MP1 ISSUES CVE-2017-15525 -...
SA156: Apache Tomcat Vulnerabilities Apr-Oct 2017
SUMMARY Symantec Network Protection products using affected versions of Apache Tomcat are susceptible to multiple security vulnerabilities. A remote attacker, with access to the management interface, can obtain sensitive information from the server, modify information associated with a different...
Symantec Endpoint Protection Multiple Issues
SUMMARY Symantec has released a set of updates to address three issues in the Symantec Endpoint Protection SEP product. AFFECTED PRODUCTS Symantec Endpoint Protection SEP --- CVE | Affected Versions | Remediation CVE-2017-13681 | Prior to 12.1 RU6 MP9 | Upgrade to 12.1 RU6 MP9 Symantec Endpoint...
SA146: Improper User Authorization in ProxySG and ASG
SUMMARY The ProxySG and ASG management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only access can exploit this vulnerability to access management console functionality that requires read-write access privileges...
Xen CVE-2017-15595 Denial of Service Vulnerability
Description Xen is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Xen Xen version through 4.9.x are vulnerable. Technologies Affected Citrix XenServer 6.0.2 Citrix XenServer 6.2 Citrix XenServer...
Oracle WebLogic Server CVE-2017-10271 Remote Security Vulnerability
Description Oracle WebLogic Server is prone to a remote security vulnerability in WLS Security. The vulnerability can be exploited over the 'HTTP' protocol. This vulnerability affects the following supported versions: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, 12.2.1.2.0 Technologies Affected Oracle...
Adobe Flash Player CVE-2017-11292 Type Confusion Remote Code Execution Vulnerability
Description Adobe Flash Player is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected...
Microsoft Windows DLL Loading CVE-2017-11769 Multiple Local Privilege Escalation Vulnerabilities
Description Microsoft Windows is prone to multiple local privilege-escalation vulnerabilities. An attacker can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...
Microsoft Edge Scripting Engine CVE-2017-11805 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows Kernel CVE-2017-11817 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Windows SMB Server CVE-2017-11781 Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microso...
Microsoft Internet Explorer CVE-2017-11810 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 9, 10 and 11 are...
Microsoft Windows Search CVE-2017-11772 Information Disclosure Vulnerability
Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 16...
Microsoft Windows Shell CVE-2017-8727 Remote Code Execution Vulnerability
Description Microsoft Windows Shell is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the current user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 Version 1607 for...
Microsoft Windows Kernel CVE-2017-11765 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...
Microsoft Edge Scripting Engine CVE-2017-11821 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Edge Scripting Engine CVE-2017-11806 Remote Memory Corruption Vulnerability
Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...
Microsoft Windows Graphics Component CVE-2017-8693 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...