server message block vulnerabilities and exploits

NA
CVE-2019-7304

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1....

4.6
CVSSv2
CVE-2017-5669

The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by...

LinuxLinux Kernel
7.5
CVSSv2
CVE-2019-9733

An issue was discovered in JFrog Artifactory 6.7.3. By default, the access-admin account is used to reset the password of the admin account in case an administrator gets locked out from the Artifactory console. This is only allowable from a connection directly from localhost,...

NA
CVE-2019-7097

Adobe Dreamweaver could allow a remote attacker to obtain sensitive information, caused by the use of the Server Message Block (SMB) protocol when handling UNC paths. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to...

9.3
CVSSv2
CVE-2019-0822

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'....

9
CVSSv2
CVE-2019-0856

A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'....

4.3
CVSSv2
CVE-2019-0802

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0849....

9.3
CVSSv2
CVE-2019-0853

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'....

9.3
CVSSv2
CVE-2019-0795

A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0790, CVE-2019-0791, CVE-2019-0792, CVE-2019-0793....

9.3
CVSSv2
CVE-2019-0790

A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0791, CVE-2019-0792, CVE-2019-0793, CVE-2019-0795....