4985 matches found
VulnCheck KEV: CVE-2018-0147
A vulnerability in Java deserialization used by Cisco Secure Access Control System ACS could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software...
VulnCheck KEV: CVE-2019-1064
A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context...
VulnCheck KEV: CVE-2017-0101
A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory...
VulnCheck KEV: CVE-2019-0543
A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context...
VulnCheck KEV: CVE-2019-0841
A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context...
VulnCheck KEV: CVE-2016-3309
A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode...
VulnCheck KEV: CVE-2019-1253
A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions...
VulnCheck KEV: CVE-2019-1129
A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context...
VulnCheck KEV: CVE-2019-1315
A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status...
VulnCheck KEV: CVE-2020-5135
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service DoS and potentially execute arbitrary code by sending a malicious request to the firewall...
VulnCheck KEV: CVE-2022-26143
A vulnerability has been identified in MiCollab and MiVoice Business Express that may allow a malicious actor to gain unauthorized access to sensitive information and services, cause performance degradations or a denial of service condition on the affected system...
VulnCheck KEV: CVE-2021-44207
Acclaim Systems USAHERDS contains a hard-coded credentials vulnerability that could allow an attacker to achieve remote code execution on the system that runs the application. The MachineKey must be obtained via a separate vulnerability or other channel...
VulnCheck KEV: CVE-2021-22600
Linux Kernel contains a flaw in the packet socket AFPACKET implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service DoS or possibly for privilege escalation...
VulnCheck KEV: CVE-2021-39793
Google Pixel contains a possible out-of-bounds write due to a logic error in the code that could lead to local escalation of privilege...
VulnCheck KEV: CVE-2021-22941
Improper Access Control in Citrix ShareFile storage zones controller may allow an unauthenticated attacker to remotely compromise the storage zones controller...
VulnCheck KEV: CVE-2022-26134
Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution...
VulnCheck KEV: CVE-2022-24706
Apache CouchDB contains an insecure default initialization of resource vulnerability which can allow an attacker to escalate to administrative privileges...
VulnCheck KEV: CVE-2022-26486
Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution...
VulnCheck KEV: CVE-2022-26485
Mozilla Firefox contains a use-after-free vulnerability in XSLT parameter processing which can be exploited to perform arbitrary code execution...
VulnCheck KEV: CVE-2018-0167
There is a buffer overflow vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software which could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code...
VulnCheck KEV: CVE-2018-0173
A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 DHCPv4 packets can allow for denial-of-service DoS...
VulnCheck KEV: CVE-2017-12232
A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 ISR G2 Routers running Cisco IOS could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service...
VulnCheck KEV: CVE-2018-0155
A vulnerability in the Bidirectional Forwarding Detection BFD offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial-of-service DoS condition...
VulnCheck KEV: CVE-2011-1889
A remote code execution vulnerability exists in the Forefront Threat Management Gateway TMG Firewall Client Winsock provider that could allow code execution in the security context of the client application...
VulnCheck KEV: CVE-2020-11899
The Treck TCP/IP stack contains an IPv6 out-of-bounds read vulnerability...
VulnCheck KEV: CVE-2022-20701
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...
VulnCheck KEV: CVE-2018-0174
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service DoS...
VulnCheck KEV: CVE-2022-20699
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...
VulnCheck KEV: CVE-2018-0151
A vulnerability in the quality of service QoS subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with elevated privileges...
VulnCheck KEV: CVE-2017-6627
A vulnerability in the UDP processing code of Cisco IOS and IOS XE could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and denial of service...
VulnCheck KEV: CVE-2019-1297
A remote code execution vulnerability exists in Microsoft Excel when the software fails to properly handle objects in memory...
VulnCheck KEV: CVE-2018-0175
Format string vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code with elevated...
VulnCheck KEV: CVE-2014-0496
Adobe Reader and Acrobat contain a use-after-free vulnerability which can allow for code execution...
VulnCheck KEV: CVE-2017-12238
A vulnerability in the Virtual Private LAN Service VPLS code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service...
VulnCheck KEV: CVE-2017-12240
The Dynamic Host Configuration Protocol DHCP relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system...
VulnCheck KEV: CVE-2017-8540
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft...
VulnCheck KEV: CVE-2017-6737
The Simple Network Management Protocol SNMP subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code...
VulnCheck KEV: CVE-2018-0158
A vulnerability in the implementation of Internet Key Exchange Version 1 IKEv1 functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service DoS condition...
VulnCheck KEV: CVE-2017-6744
The Simple Network Management Protocol SNMP subsystem of Cisco IOS 1 contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a...
VulnCheck KEV: CVE-2018-0156
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial-of-service DoS condition...
VulnCheck KEV: CVE-2017-12231
A vulnerability in the implementation of Network Address Translation NAT functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service...
VulnCheck KEV: CVE-2019-16928
Exim contains an out-of-bounds write vulnerability which can allow for remote code execution...
VulnCheck KEV: CVE-2018-0159
A vulnerability in the implementation of Internet Key Exchange Version 1 IKEv1 functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service DoS condition...
VulnCheck KEV: CVE-2017-12233
There is a vulnerability in the implementation of the Common Industrial Protocol CIP feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service...
VulnCheck KEV: CVE-2017-6663
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in denial-of-service DoS...
VulnCheck KEV: CVE-2017-12237
A vulnerability in the Internet Key Exchange Version 2 IKEv2 module of Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service...
VulnCheck KEV: CVE-2018-0154
A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN ISM-VPN running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service DoS condition...
VulnCheck KEV: CVE-2017-12234
There is a vulnerability in the implementation of the Common Industrial Protocol CIP feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service...
VulnCheck KEV: CVE-2017-12235
A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol PN-DCP for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service...
VulnCheck KEV: CVE-2022-20708
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or...