Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.
The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise."
Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error.
The host is installed with Microsoft Service Bus for Windows Server and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle incoming AMQP messages. Successful exploitation could allow attackers to crash the service.
Host is installed with Kaspersky Anti-Virus 2019 before Patch I and Patch J or Kaspersky Anti-Virus 2020 before Patch E and Patch F and is prone to an open redirect vulnerability. A flaw is present in the application, which fails to properly handle the web protection component due to a bug in its implementation. Successful exploitation allows an attacker to redirect to an untrusted site since the ...
The host is installed with VMware Workstation 15.x before 15.5.7 or VMware Player 15.x before 15.5.7 and is prone to a denial-of-service vulnerability. A flaw is present in the application, which fails to handle improper input validation in GuestInfo. Successful exploitation may allow an attacker with normal user privilege access to a virtual machine to crash the virtual machine's vmx process lead ...
The host is installed with the VMware Workstation 14.x before 14.1.2 or VMware Player 14.x before 14.1.2 and may suffer from multiple denial-of-service vulnerabilities. The application fails to properly handle remote procedure calls through the RPC handler. Successful exploitation of these issues may allow an attacker with limited privileges on the guest machine trigger a denial-of-service of thei ...
The host is installed with Wireshark 2.0.x or 2.2.x with USPBcap component 1.1.0.0 and is prone to a local privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle the USPBcap component issue. Successful exploitation allows attackers to gain elevated privileges.
The host is installed with Nvidia graphics driver with 470.x prior to 472.39 or 495.x prior to 496.49 and is prone to a NULL pointer dereference validation vulnerability. A flaw is present in the application which fails to properly handle the kernel mode layer. Successful exploitation may lead to denial of service in the form of a system crash.
The host is installed with Nvidia graphics driver with 470.x prior to 472.39 or 495.x prior to 496.49 and is prone to a NULL pointer dereference vulnerability. A flaw is present in the application which fails to properly handle the kernel mode layer. Successful exploitation may lead to denial of service in a component beyond the vulnerable component.