16763 matches found
Microsoft Office Visio DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
Microsoft Office Visio DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
Canon imageCLASS MF644Cdw BJNP Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BJNP service. The issue results from the lack of proper...
Trend Micro Apex One Damage Cleanup Engine Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...
Microsoft Office Visio DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
Microsoft Office Visio DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
Microsoft Excel SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP...
Foxit PDF Reader U3D File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3...
Foxit PDF Reader U3D File Parsing Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...
SolarWinds Network Performance Monitor WebUserSettingsCrudHandler Improper Input Validation Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. The specific flaw exists within the CheckWhetherNonAdminAttemptsToModifyBlacklistedRecords function. The...
SolarWinds Network Performance Monitor GetPdf Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute code on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. The specific flaw exists within the GetPdf function. The issue results from the lack of proper validation of a...
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...
Foxit PDF Reader U3D File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3...
SolarWinds Network Performance Monitor DeserializeFromStrippedXml Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. The specific flaw exists within the DeserializeFromStrippedXml function. The issue results from the...
Foxit PDF Reader U3D File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3...
(Pwn2Own) Microsoft Teams chat Client-Side Template Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. No user interaction is required if the attacker and target are in the same Teams organization. The specific flaw exists within the rendering of chat messages. Crafted data in a chat...
Microsoft Exchange RecipientProvisioningDefinition External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the RecipientProvisioningDefinition class. Due to the improper restriction of XML...
Microsoft Exchange PstStatusLog Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the PstStatusLog class. The issue results from the exposure of a dangerous...
Microsoft Exchange GsmWriter Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the GsmWriter class. The issue results from the exposure of a dangerous...
Microsoft Exchange DumpDataReader Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the DumpDataReader class. The issue results from the exposure of a dangerous...
Microsoft Exchange PcmReader Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the PcmReader class. The issue results from the exposure of a dangerous function...
Microsoft Exchange EtwFile Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the EtwFile class. The issue results from the exposure of a dangerous function. A...
Microsoft Exchange AppConfigAssemblyResolver Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the AppConfigAssemblyResolver class. The issue results from the exposure of a...
Microsoft Exchange G711Reader Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the G711Reader class. The issue results from the exposure of a dangerous function...
Microsoft Exchange GsmReader Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the GsmReader class. The issue results from the exposure of a dangerous function...
Microsoft Exchange PdbReader Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the PdbReader class. The issue results from the exposure of a dangerous function...
Microsoft Exchange DagNetMultiValuedProperty Exposed Dangerous Function Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the DagNetMultiValuedProperty class. The issue results from the exposure of a dangerous...
Microsoft Exchange ScriptingAgentConfiguration Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the ScriptingAgentConfiguration class. The issue results from the exposure of a...
Microsoft Exchange TraceFile Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the TraceFile class. The issue results from the exposure of a dangerous function...
Microsoft Exchange Command Exposed Dangerous Function Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the Command class. The issue results from the exposure of a dangerous function. An attack...
Microsoft Exchange FlatFileTraceListener Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the FlatFileTraceListener class. The issue results from the exposure of a...
Microsoft Exchange FileLog Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to delete arbitrary files and create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the FileLog class. The issue results from the...
Microsoft Exchange WmaReader Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the WmaReader class. The issue results from the exposure of a dangerous function...
Microsoft Exchange OrganizationInitializationDefinition External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the OrganizationInitializationDefinition class. Due to the improper restriction o...
Microsoft Exchange MsgStorageWriter Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the MsgStorageWriter class. The issue results from the exposure of a...
Microsoft Exchange PEFile Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the PEFile class. The issue results from the exposure of a dangerous function. An...
Microsoft Exchange MatlabWriter Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the MatlabWriter class. The issue results from the exposure of a dangerous...
Microsoft Exchange FileHandler Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the FileHandler class. The issue results from the exposure of a dangerous functio...
Microsoft Exchange FileDependency Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the FileDependency class. The issue results from the exposure of a dangerous...
Microsoft Exchange DumpReader Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the DumpReader class. The issue results from the exposure of a dangerous function...
Microsoft Exchange DbgEngDataReader Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the DbgEngDataReader class. The issue results from the exposure of a dangerous...
Microsoft Exchange FormattedTextWriterTraceListener Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the FormattedTextWriterTraceListener class. The issue results from the...
Microsoft Exchange FileConfigurationSource Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the FileConfigurationSource class. The issue results from the exposure of a...
Microsoft Exchange MsiDatabase Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the MsiDatabase class. The issue results from the exposure of a dangerous functio...
Microsoft Exchange PromptPreviewRpcResponse Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the PromptPreviewRpcResponse class. The issue results from the exposure of a...
Microsoft Exchange StreamWriterWrapper Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the StreamWriterWrapper class. The issue results from the exposure of a...
Trend Micro Apex One Unauthorized Change Prevention Service Out-Of-Bounds Access Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...
Microsoft Word FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX...
TP-Link TL-WR940N httpd Use of Insufficiently Random Values Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link TL-WR940N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue...
Microsoft Exchange TorusTryAccessCheck Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Exchange. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...