All Vulnerabilities

A denial of service vulnerability exists in the way the Local Security Authority Subsystem Service (LSASS) handles authentication requests. An attacker who successfully exploited the vulnerability could cause a denial of service on the target system's LSASS service, which triggers an automatic reboot of the system.

A memory corruption vulnerability exists in Microsoft Office. An attacker who successfully exploited this vulnerability could use a specially crafted file to perform remote code execution in the security context of the current user.

Microsoft Internet Explorer is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.

Microsoft Internet Explorer and Edge are prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.

A SQL injection vulnerability has been reported in WordPress WP-EMail Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected website.

A denial-of-service vulnerability has been reported in ISC BIND9. The vulnerability is due to improper handling of packets sent to rndc control channel interface. A remote, unauthenticated attacker could exploit this vulnerabilities by sending a maliciously crafted packet to the rndc control channel interface of a target BIND server. Successful exploitation could lead to denial-of-service conditions.

A denial-of-service vulnerability has been reported in ISC BIND's lwresd daemon. The vulnerability is due to failure to check the query length when using lightweight resolver protocol. A remote, unauthenticated attacker could exploit this vulnerability by providing large query name to the lightweight resolver. Successful exploitation could lead to denial-of-service conditions.

A denial-of-service vulnerability has been reported in ISC BIND. The vulnerability is due to a defect that can cause the named service to exit with an assertion failure while processing DNS packet with a malformed options section. A remote, unauthenticated attacker could exploit this vulnerability by providing a specially crafted query to the vulnerable server. Successful exploitation could lead to a denial-of-service condition.

An out-of-bounds read vulnerability exists in ImageMagick's SGI coder when software fails to parse the crafted image file properly.

An out-of-bound array indexing vulnerability has been reported in ImageMagick. The vulnerability is due to improper handling of certain objects in memory. A remote attacker can exploit this vulnerability by uploading a maliciously crafted file to a vulnerable web service. Successful exploitation could result in arbitrary code execution under the security context of the service using ImageMagick.