113 matches found
Memory corruption
Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0837, CVE-2018-083...
Memory corruption
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka...
Memory corruption
Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0835,...
Microsoft Edge Chakra JIT Array.prototype.reverse Array Type Confusion
Microsoft Edge: Chakra: JIT: Array type confusion via Array.prototype.reverse CVE-2018-0835 This is simillar to the previous issue 1457. But this time, we use Array.prototype.reverse. Array.prototype.reverse can be inlineed and may invoke EnsureNonNativeArray to convert the prototype of "this" to...
CVE-2018-0835
creationtimestamp| type| source ---|---|--- 2018-02-15 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44079...
Microsoft Windows Multiple Vulnerabilities (KB4074591)
This host is missing a critical security update according to Microsoft KB4074591 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows Multiple Vulnerabilities (KB4074590)
This host is missing a critical security update according to Microsoft KB4074590 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KLA11199 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Microsoft Edge c...
KB4074592: Windows 10 Version 1703 February 2018 Security Update (Meltdown)(Spectre)
The remote Windows host is missing security update 4074592. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to disclose...
KB4074591: Windows 10 Version 1511 February 2018 Security Update (Meltdown)(Spectre)
The remote Windows host is missing security update 4074591. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to disclose...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0835)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2017-0835
CVE-2017-0835 is a remote code execution vulnerability in the Android media framework (libmpeg2) affecting Android 6.0–8.0. The issue is documented in the 2017-11 Android bulletin as exploitable by a specially crafted media file, with high impact (remote code execution) in a privileged context. A...
CVE-2016-0835
decoder/impeg2ddechdr.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file that triggers a certain negative value, aka internal bug 26070014...
CVE-2016-0835
Summary (CVE-2016-0835): Affects mediaserver on Android 6.x (decoder/impeg2d_dec_hdr.c). A crafted media file can trigger a negative-value path in the MPEG-2 decoding header, causing memory corruption and enabling remote code execution or a denial of service. The issue is exploitable remotely via...
CVE-2016-0835
decoder/impeg2ddechdr.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file that triggers a certain negative value, aka internal bug 26070014...
CVE-2016-0835
decoder/impeg2ddechdr.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file that triggers a certain negative value, aka internal bug 26070014...
SUSE: Security Advisory for Mozilla (SUSE-SU-2015:0447-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory for Mozilla (SUSE-SU-2015:0446-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2015:0412-1)
Mozilla Firefox was updated to version 31.5.0 ESR to fix five security issues. These security issues were fixed : - CVE-2015-0836: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.5 allowed remote attackers to cause a denial of service memory corruption and...
SUSE SLES10 / SLES11 Security Update : Mozilla Firefox (SUSE-SU-2015:0447-1)
Mozilla Firefox has been updated to version 31.5.0 ESR to fix five security issues. These security issues have been fixed : - CVE-2015-0836: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.5 allowed remote attackers to cause a denial of service memory...