16763 matches found
Microsoft Office Visio DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
Microsoft Excel SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP...
Microsoft Office Visio DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
Microsoft Office Visio DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
Microsoft Office Visio DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
Microsoft Office Visio DWG File Parsing Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Office Visio DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
Foxit PDF Reader U3D File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3...
SolarWinds Network Performance Monitor GetPdf Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute code on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. The specific flaw exists within the GetPdf function. The issue results from the lack of proper validation of a...
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...
Foxit PDF Reader U3D File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3...
Foxit PDF Reader U3D File Parsing Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...
SolarWinds Network Performance Monitor WebUserSettingsCrudHandler Improper Input Validation Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. The specific flaw exists within the CheckWhetherNonAdminAttemptsToModifyBlacklistedRecords function. The...
SolarWinds Network Performance Monitor DeserializeFromStrippedXml Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. The specific flaw exists within the DeserializeFromStrippedXml function. The issue results from the...
Foxit PDF Reader U3D File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3...
(Pwn2Own) Microsoft Teams chat Client-Side Template Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. No user interaction is required if the attacker and target are in the same Teams organization. The specific flaw exists within the rendering of chat messages. Crafted data in a chat...
Microsoft Exchange MatlabWriter Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the MatlabWriter class. The issue results from the exposure of a dangerous...
Microsoft Exchange FormattedTextWriterTraceListener Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the FormattedTextWriterTraceListener class. The issue results from the...
Microsoft Exchange OrganizationInitializationDefinition External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the OrganizationInitializationDefinition class. Due to the improper restriction o...
Microsoft Exchange FlatFileTraceListener Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the FlatFileTraceListener class. The issue results from the exposure of a...
Microsoft Exchange RecipientProvisioningDefinition External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the RecipientProvisioningDefinition class. Due to the improper restriction of XML...
Microsoft Exchange FileDependency Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the FileDependency class. The issue results from the exposure of a dangerous...
Microsoft Exchange EtwFile Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the EtwFile class. The issue results from the exposure of a dangerous function. A...
Microsoft Exchange WmaReader Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the WmaReader class. The issue results from the exposure of a dangerous function...
Microsoft Exchange StreamWriterWrapper Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the StreamWriterWrapper class. The issue results from the exposure of a...
Microsoft Exchange FileHandler Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the FileHandler class. The issue results from the exposure of a dangerous functio...
Microsoft Exchange GsmReader Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the GsmReader class. The issue results from the exposure of a dangerous function...
Microsoft Exchange PEFile Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the PEFile class. The issue results from the exposure of a dangerous function. An...
Microsoft Exchange DumpDataReader Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the DumpDataReader class. The issue results from the exposure of a dangerous...
Microsoft Exchange FileLog Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to delete arbitrary files and create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the FileLog class. The issue results from the...
Microsoft Exchange G711Reader Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the G711Reader class. The issue results from the exposure of a dangerous function...
Microsoft Exchange PdbReader Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the PdbReader class. The issue results from the exposure of a dangerous function...
Microsoft Exchange AppConfigAssemblyResolver Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the AppConfigAssemblyResolver class. The issue results from the exposure of a...
Microsoft Exchange FileConfigurationSource Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the FileConfigurationSource class. The issue results from the exposure of a...
Microsoft Exchange GsmWriter Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the GsmWriter class. The issue results from the exposure of a dangerous...
Microsoft Exchange PromptPreviewRpcResponse Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the PromptPreviewRpcResponse class. The issue results from the exposure of a...
Microsoft Exchange TraceFile Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the TraceFile class. The issue results from the exposure of a dangerous function...
Microsoft Exchange DbgEngDataReader Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the DbgEngDataReader class. The issue results from the exposure of a dangerous...
Microsoft Exchange MsgStorageWriter Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the MsgStorageWriter class. The issue results from the exposure of a...
Microsoft Exchange ScriptingAgentConfiguration Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the ScriptingAgentConfiguration class. The issue results from the exposure of a...
Microsoft Exchange DumpReader Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the DumpReader class. The issue results from the exposure of a dangerous function...
Microsoft Exchange MsiDatabase Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the MsiDatabase class. The issue results from the exposure of a dangerous functio...
Microsoft Exchange DagNetMultiValuedProperty Exposed Dangerous Function Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the DagNetMultiValuedProperty class. The issue results from the exposure of a dangerous...
Microsoft Exchange PcmReader Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the PcmReader class. The issue results from the exposure of a dangerous function...
Microsoft Exchange PstStatusLog Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the PstStatusLog class. The issue results from the exposure of a dangerous...
Microsoft Exchange Command Exposed Dangerous Function Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the Command class. The issue results from the exposure of a dangerous function. An attack...
(Pwn2Own) Microsoft Teams electronSafeIpc Arbitrary File Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. No user interaction is required if the attacker and target are in the same Teams organization. The specific flaw exists within the communication API. The issue lies in the handling o...
(Pwn2Own) Microsoft Teams Unnecessary Privileges Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Microsoft Teams. An attacker must first obtain the ability to execute script within the application window in order to exploit this vulnerability. The specific flaw exists within the parameters passed t...
(Pwn2Own) Microsoft Teams chat Client-Side Template Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. No user interaction is required if the attacker and target are in the same Teams organization. The specific flaw exists within the rendering of chat messages. Crafted data in a chat...
(Pwn2Own) Microsoft Teams WebView Incorrect Privilege Assignment Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. No user interaction is required if the attacker and target are in the same Teams organization and are both participants in a meeting. The specific flaw exists within handling of...