<p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.</p> <p>An attacker who successfully exploited the vulnerability could run. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
ArGo Soft Mail Server 1.8.8.9 is affected by Cross Site Request Forgery (CSRF) for perform remote arbitrary code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An integer overflow vulnerability leading to a double-free was found in libX11. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
When using the StreamGenerator, the code parse a user-provided XML. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
<p>A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, low attack complexity.
<p>A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
<p>An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
<p>A remote code execution vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
<p>A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
<p>A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
In Patient Information Center iX (PICiX) Version B.02, C.02, C.03, and PerformanceBridge Focal Point Version A.01, when an actor claims to have a given identity, the software does not prove or. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in Hyland OnBase through 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
<p>A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable.
<p>A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.
<p>An elevation of privilege vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. Rated high severity (CVSS 7.9), this vulnerability is no authentication required, low attack complexity.
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
<p>An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
<p>An elevation of privilege vulnerability exists when the Windows InstallService improperly handles memory.</p> <p>To exploit this vulnerability, an attacker would first have to gain execution on. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
<p>An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
<p>An elevation of privilege vulnerability exists in the way that fdSSDP.dll handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
<p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
<p>A remote code execution vulnerability exists when Windows improperly handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
<p>A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
<p>An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
<p>An elevation of privilege vulnerability exists when the <a href="https://technet.microsoft.com/library/security/dn848375.aspx#CLFS">Windows Common Log File System (CLFS)</a> driver improperly. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
<p>An elevation of privilege vulnerability exists when the Shell infrastructure component improperly handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
<p>A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
<p>An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
<p>An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
<p>A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
<p>An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
<p>A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
<p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
<p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
<p>An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
<p>A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
<p>An elevation of privilege vulnerability exists when Windows Modules Installer improperly handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
<p>An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
<p>An elevation of privilege vulnerability exists when the Shell infrastructure component improperly handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
<p>An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
<p>An elevation of privilege vulnerability exists when NTFS improperly checks access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
<p>A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
<p>An elevation of privilege vulnerability exists when the Windows Cryptographic Catalog Services improperly handle objects in memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.