| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-4998 | — | Hig | 0.51 | 7.8 | 0.01 | Jan 10, 2018 | test/tc_database.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process. | |
| CVE-2014-4997 | — | Hig | 0.51 | 7.8 | 0.01 | Jan 10, 2018 | lib/commands/setup.rb in the point-cli gem 0.0.1 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process. | |
| CVE-2014-4995 | — | Hig | 0.46 | 7.0 | 0.00 | Jan 10, 2018 | Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed. | |
| CVE-2014-4993 | — | Hig | 0.51 | 7.8 | 0.01 | Jan 10, 2018 | (1) lib/backup/cli/utility.rb in the backup-agoddard gem 3.0.28 and (2) lib/backup/cli/utility.rb in the backup_checksum gem 3.0.23 for Ruby place credentials on the openssl command line, which allows local users to obtain sensitive information by listing the process. | |
| CVE-2014-4992 | — | Hig | 0.51 | 7.8 | 0.01 | Jan 10, 2018 | lib/cap-strap/helpers.rb in the cap-strap gem 0.1.5 for Ruby places credentials on the useradd command line, which allows local users to obtain sensitive information by listing the process. | |
| CVE-2014-4991 | — | Hig | 0.51 | 7.8 | 0.01 | Jan 10, 2018 | (1) lib/dataset/database/mysql.rb and (2) lib/dataset/database/postgresql.rb in the codders-dataset gem 1.3.2.1 for Ruby place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process. | |
| CVE-2017-7536 | — | Hig | 0.39 | 7.0 | 0.00 | Jan 10, 2018 | In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By… | |
| CVE-2017-12169 | Hig | 0.49 | 7.5 | 0.02 | Jan 10, 2018 | It was found that FreeIPA 4.2.0 and later could disclose password hashes to users having the 'System: Read Stage Users' permission. A remote, authenticated attacker could potentially use this flaw to disclose the password hashes belonging to Stage Users. This security issue does… | ||
| CVE-2017-18026 | Hig | 0.00 | 8.8 | 0.03 | Jan 10, 2018 | Redmine before 3.2.9, 3.3.x before 3.3.6, and 3.4.x before 3.4.4 does not block the --config and --debugger flags to the Mercurial hg program, which allows remote attackers to execute arbitrary commands (through the Mercurial adapter) via vectors involving a branch whose name… | ||
| CVE-2017-9795 | — | Hig | 0.49 | 7.5 | 0.04 | Jan 10, 2018 | When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute OQL queries that allow read and write access to objects within unauthorized regions. In addition a user could invoke methods… | |
| CVE-2017-12622 | — | Hig | 0.46 | 7.1 | 0.02 | Jan 10, 2018 | When an Apache Geode cluster before v1.3.0 is operating in secure mode and an authenticated user connects to a Geode cluster using the gfsh tool with HTTP, the user is able to obtain status information and control cluster members even without CLUSTER:MANAGE privileges. | |
| CVE-2018-0818 | — | Hig | 0.00 | 7.5 | 0.04 | Jan 10, 2018 | Microsoft ChakraCore allows an attacker to bypass Control Flow Guard (CFG) in conjunction with another vulnerability to run arbitrary code on a target system, due to how the Chakra scripting engine handles accessing memory, aka "Scripting Engine Security Feature Bypass". | |
| CVE-2018-0812 | Hig | 0.53 | 7.8 | 0.24 | Jan 10, 2018 | Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Memory Corruption… | ||
| CVE-2018-0807 | Hig | 0.59 | 8.8 | 0.24 | Jan 10, 2018 | Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution… | ||
| CVE-2018-0806 | Hig | 0.59 | 8.8 | 0.25 | Jan 10, 2018 | Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution… | ||
| CVE-2018-0805 | Hig | 0.59 | 8.8 | 0.24 | Jan 10, 2018 | Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution… | ||
| CVE-2018-0804 | Hig | 0.59 | 8.8 | 0.24 | Jan 10, 2018 | Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution… | ||
| CVE-2018-0802 | Hig | 0.70 | 7.8 | 0.93 | KEV | Jan 10, 2018 | Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique… | |
| CVE-2018-0801 | Hig | 0.59 | 8.8 | 0.24 | Jan 10, 2018 | Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Remote Code Execution Vulnerability". | ||
| CVE-2018-0798 | Hig | 0.77 | 8.8 | 0.95 | KEV | Jan 10, 2018 | Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". | |
| CVE-2018-0797 | Hig | 0.53 | 7.8 | 0.25 | Jan 10, 2018 | Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka "Microsoft Word Memory Corruption Vulnerability". | ||
| CVE-2018-0796 | Hig | 0.59 | 8.8 | 0.23 | Jan 10, 2018 | Microsoft Excel in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability". | ||
| CVE-2018-0795 | Hig | 0.59 | 8.8 | 0.19 | Jan 10, 2018 | Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Remote Code Execution Vulnerability". | ||
| CVE-2018-0794 | Hig | 0.59 | 8.8 | 0.20 | Jan 10, 2018 | Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is… | ||
| CVE-2018-0793 | Hig | 0.52 | 7.8 | 0.21 | Jan 10, 2018 | Microsoft Outlook 2007, Microsoft Outlook 2010 and Microsoft Outlook 2013 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0791. | ||
| CVE-2018-0792 | Hig | 0.59 | 8.8 | 0.27 | Jan 10, 2018 | Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0794. | ||
| CVE-2018-0791 | Hig | 0.52 | 7.8 | 0.21 | Jan 10, 2018 | Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, and Microsoft Outlook 2016 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability". This CVE is unique from… | ||
| CVE-2018-0790 | Hig | 0.58 | 8.8 | 0.05 | Jan 10, 2018 | Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique… | ||
| CVE-2018-0789 | Hig | 0.58 | 8.8 | 0.06 | Jan 10, 2018 | Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique… | ||
| CVE-2018-0786 | — | Hig | 0.49 | 7.5 | 0.04 | Jan 10, 2018 | Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0 allow a security feature bypass vulnerability due to the way certificates are validated, aka ".NET Security Feature Bypass Vulnerability." | |
| CVE-2018-0784 | Hig | 0.58 | 8.8 | 0.07 | Jan 10, 2018 | ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0808. | ||
| CVE-2018-0764 | — | Hig | 0.49 | 7.5 | 0.09 | Jan 10, 2018 | Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This… | |
| CVE-2018-4871 | Hig | 0.49 | 7.5 | 0.06 | Jan 9, 2018 | An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid (out-of-range) pointer offset during access of internal data… | ||
| CVE-2017-9663 | Hig | 0.49 | 7.5 | 0.01 | Jan 9, 2018 | An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow a remote attacker to access an encryption key that is stored in cleartext in memory. | ||
| CVE-2017-15131 | Hig | 0.51 | 7.8 | 0.00 | Jan 9, 2018 | It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux. | ||
| CVE-2017-15124 | Hig | 0.49 | 7.5 | 0.03 | Jan 9, 2018 | VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing… | ||
| CVE-2017-12695 | Hig | 0.57 | 8.8 | 0.02 | Jan 9, 2018 | An Improper Authentication issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to subvert security mechanisms and reset a user account password. | ||
| CVE-2017-1671 | Hig | 0.49 | 7.5 | 0.03 | Jan 9, 2018 | IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 133638. | ||
| CVE-2017-1666 | Hig | 0.53 | 8.1 | 0.02 | Jan 9, 2018 | IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 133540. | ||
| CVE-2017-1612 | Hig | 0.51 | 7.8 | 0.00 | Jan 9, 2018 | IBM WebSphere MQ 7.0, 7.1, 7.5, 8.0, and 9.0 service trace module could be used to execute untrusted code under 'mqm' user. IBM X-Force ID: 132953. | ||
| CVE-2018-5221 | Hig | 0.58 | 8.8 | 0.04 | Jan 9, 2018 | Multiple buffer overflows in BarCodeWiz BarCode before 6.7 ActiveX control (BarcodeWiz.DLL) allow remote attackers to execute arbitrary code via a long argument to the (1) BottomText or (2) TopText property. | ||
| CVE-2015-1290 | Hig | 0.57 | 8.8 | 0.03 | Jan 9, 2018 | The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted web site. | ||
| CVE-2018-2363 | Hig | 0.57 | 8.8 | 0.02 | Jan 9, 2018 | SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user's choice. A malicious user can therefore control the behaviour of the system or can potentially… | ||
| CVE-2018-2361 | Hig | 0.57 | 8.8 | 0.01 | Jan 9, 2018 | In SAP Solution Manager 7.20, the role SAP_BPO_CONFIG gives the Business Process Operations (BPO) configuration user more authorization than required for configuring the BPO tools. | ||
| CVE-2018-2360 | Hig | 0.49 | 7.5 | 0.03 | Jan 9, 2018 | SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for functionalities that require user identity and cause consumption of file system storage. | ||
| CVE-2018-5308 | Hig | 0.51 | 7.8 | 0.01 | Jan 9, 2018 | PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file. | ||
| CVE-2012-3353 | Hig | 0.49 | 7.5 | 0.03 | Jan 9, 2018 | The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling JCR content loader module makes it possible to import arbitrary files in the content repository, including local files, causing potential information leaks. Users should upgrade to version 2.1.6 of the JCR… | ||
| CVE-2015-2319 | Hig | 0.42 | 7.5 | 0.03 | Jan 8, 2018 | The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204. | ||
| CVE-2015-2318 | Hig | 0.46 | 8.1 | 0.02 | Jan 8, 2018 | The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue. | ||
| CVE-2014-2071 | Hig | 0.46 | 7.1 | 0.01 | Jan 8, 2018 | Aruba Networks ClearPass Policy Manager 6.1.x, 6.2.x before 6.2.5.61640 and 6.3.x before 6.3.0.61712, when configured to use tunneled and non-tunneled EAP methods in a single policy construct, allows remote authenticated users to gain privileges by advertising independent inner… |
- risk 0.51cvss 7.8epss 0.01
test/tc_database.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.
- risk 0.51cvss 7.8epss 0.01
lib/commands/setup.rb in the point-cli gem 0.0.1 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process.
- risk 0.46cvss 7.0epss 0.00
Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed.
- risk 0.51cvss 7.8epss 0.01
(1) lib/backup/cli/utility.rb in the backup-agoddard gem 3.0.28 and (2) lib/backup/cli/utility.rb in the backup_checksum gem 3.0.23 for Ruby place credentials on the openssl command line, which allows local users to obtain sensitive information by listing the process.
- risk 0.51cvss 7.8epss 0.01
lib/cap-strap/helpers.rb in the cap-strap gem 0.1.5 for Ruby places credentials on the useradd command line, which allows local users to obtain sensitive information by listing the process.
- risk 0.51cvss 7.8epss 0.01
(1) lib/dataset/database/mysql.rb and (2) lib/dataset/database/postgresql.rb in the codders-dataset gem 1.3.2.1 for Ruby place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.
- risk 0.39cvss 7.0epss 0.00
In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By…
- risk 0.49cvss 7.5epss 0.02
It was found that FreeIPA 4.2.0 and later could disclose password hashes to users having the 'System: Read Stage Users' permission. A remote, authenticated attacker could potentially use this flaw to disclose the password hashes belonging to Stage Users. This security issue does…
- risk 0.00cvss 8.8epss 0.03
Redmine before 3.2.9, 3.3.x before 3.3.6, and 3.4.x before 3.4.4 does not block the --config and --debugger flags to the Mercurial hg program, which allows remote attackers to execute arbitrary commands (through the Mercurial adapter) via vectors involving a branch whose name…
- risk 0.49cvss 7.5epss 0.04
When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute OQL queries that allow read and write access to objects within unauthorized regions. In addition a user could invoke methods…
- risk 0.46cvss 7.1epss 0.02
When an Apache Geode cluster before v1.3.0 is operating in secure mode and an authenticated user connects to a Geode cluster using the gfsh tool with HTTP, the user is able to obtain status information and control cluster members even without CLUSTER:MANAGE privileges.
- risk 0.00cvss 7.5epss 0.04
Microsoft ChakraCore allows an attacker to bypass Control Flow Guard (CFG) in conjunction with another vulnerability to run arbitrary code on a target system, due to how the Chakra scripting engine handles accessing memory, aka "Scripting Engine Security Feature Bypass".
- risk 0.53cvss 7.8epss 0.24
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Memory Corruption…
- risk 0.59cvss 8.8epss 0.24
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution…
- risk 0.59cvss 8.8epss 0.25
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution…
- risk 0.59cvss 8.8epss 0.24
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution…
- risk 0.59cvss 8.8epss 0.24
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution…
- risk 0.70cvss 7.8epss 0.93
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique…
- risk 0.59cvss 8.8epss 0.24
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Remote Code Execution Vulnerability".
- risk 0.77cvss 8.8epss 0.95
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".
- risk 0.53cvss 7.8epss 0.25
Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka "Microsoft Word Memory Corruption Vulnerability".
- risk 0.59cvss 8.8epss 0.23
Microsoft Excel in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability".
- risk 0.59cvss 8.8epss 0.19
Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Remote Code Execution Vulnerability".
- risk 0.59cvss 8.8epss 0.20
Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is…
- risk 0.52cvss 7.8epss 0.21
Microsoft Outlook 2007, Microsoft Outlook 2010 and Microsoft Outlook 2013 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0791.
- risk 0.59cvss 8.8epss 0.27
Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0794.
- risk 0.52cvss 7.8epss 0.21
Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, and Microsoft Outlook 2016 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability". This CVE is unique from…
- risk 0.58cvss 8.8epss 0.05
Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique…
- risk 0.58cvss 8.8epss 0.06
Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique…
- risk 0.49cvss 7.5epss 0.04
Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0 allow a security feature bypass vulnerability due to the way certificates are validated, aka ".NET Security Feature Bypass Vulnerability."
- risk 0.58cvss 8.8epss 0.07
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0808.
- risk 0.49cvss 7.5epss 0.09
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This…
- risk 0.49cvss 7.5epss 0.06
An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid (out-of-range) pointer offset during access of internal data…
- risk 0.49cvss 7.5epss 0.01
An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow a remote attacker to access an encryption key that is stored in cleartext in memory.
- risk 0.51cvss 7.8epss 0.00
It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux.
- risk 0.49cvss 7.5epss 0.03
VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing…
- risk 0.57cvss 8.8epss 0.02
An Improper Authentication issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to subvert security mechanisms and reset a user account password.
- risk 0.49cvss 7.5epss 0.03
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 133638.
- risk 0.53cvss 8.1epss 0.02
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 133540.
- risk 0.51cvss 7.8epss 0.00
IBM WebSphere MQ 7.0, 7.1, 7.5, 8.0, and 9.0 service trace module could be used to execute untrusted code under 'mqm' user. IBM X-Force ID: 132953.
- risk 0.58cvss 8.8epss 0.04
Multiple buffer overflows in BarCodeWiz BarCode before 6.7 ActiveX control (BarcodeWiz.DLL) allow remote attackers to execute arbitrary code via a long argument to the (1) BottomText or (2) TopText property.
- risk 0.57cvss 8.8epss 0.03
The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted web site.
- risk 0.57cvss 8.8epss 0.02
SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user's choice. A malicious user can therefore control the behaviour of the system or can potentially…
- risk 0.57cvss 8.8epss 0.01
In SAP Solution Manager 7.20, the role SAP_BPO_CONFIG gives the Business Process Operations (BPO) configuration user more authorization than required for configuring the BPO tools.
- risk 0.49cvss 7.5epss 0.03
SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for functionalities that require user identity and cause consumption of file system storage.
- risk 0.51cvss 7.8epss 0.01
PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
- risk 0.49cvss 7.5epss 0.03
The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling JCR content loader module makes it possible to import arbitrary files in the content repository, including local files, causing potential information leaks. Users should upgrade to version 2.1.6 of the JCR…
- risk 0.42cvss 7.5epss 0.03
The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204.
- risk 0.46cvss 8.1epss 0.02
The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.
- risk 0.46cvss 7.1epss 0.01
Aruba Networks ClearPass Policy Manager 6.1.x, 6.2.x before 6.2.5.61640 and 6.3.x before 6.3.0.61712, when configured to use tunneled and non-tunneled EAP methods in a single policy construct, allows remote authenticated users to gain privileges by advertising independent inner…