Lucene search
K

113 matches found

Prion
Prion
added 2018/02/15 2:29 a.m.24 views

Memory corruption

Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0837, CVE-2018-083...

7.6CVSS7.3AI score0.65858EPSS
Exploits21References3
Prion
Prion
added 2018/02/15 2:29 a.m.17 views

Memory corruption

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka...

9.3CVSS7.3AI score0.65858EPSS
Exploits21References5Affected Software1
Prion
Prion
added 2018/02/15 2:29 a.m.32 views

Memory corruption

Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0835,...

9.3CVSS7.3AI score0.65858EPSS
Exploits21References4
Packet Storm
Packet Storm
added 2018/02/15 12:0 a.m.48 views

Microsoft Edge Chakra JIT Array.prototype.reverse Array Type Confusion

Microsoft Edge: Chakra: JIT: Array type confusion via Array.prototype.reverse CVE-2018-0835 This is simillar to the previous issue 1457. But this time, we use Array.prototype.reverse. Array.prototype.reverse can be inlineed and may invoke EnsureNonNativeArray to convert the prototype of "this" to...

7.5AI score0.65858EPSS
Exploits3
Circl
Circl
added 2018/02/15 12:0 a.m.12 views

CVE-2018-0835

creationtimestamp| type| source ---|---|--- 2018-02-15 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44079...

7.6CVSS7.6AI score0.65858EPSS
Exploits3References1
OpenVAS
OpenVAS
added 2018/02/14 12:0 a.m.80 views

Microsoft Windows Multiple Vulnerabilities (KB4074591)

This host is missing a critical security update according to Microsoft KB4074591 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.8AI score0.65858EPSS
Exploits33References1
OpenVAS
OpenVAS
added 2018/02/14 12:0 a.m.269 views

Microsoft Windows Multiple Vulnerabilities (KB4074590)

This host is missing a critical security update according to Microsoft KB4074590 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.8AI score0.65858EPSS
Exploits33References1
Kaspersky
Kaspersky
added 2018/02/13 12:0 a.m.693 views

KLA11199 Multiple vulnerabilities in Microsoft Browsers

Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Microsoft Edge c...

9.3CVSS8.2AI score0.65858EPSS
Exploits21References32
Tenable Nessus
Tenable Nessus
added 2018/02/13 12:0 a.m.66 views

KB4074592: Windows 10 Version 1703 February 2018 Security Update (Meltdown)(Spectre)

The remote Windows host is missing security update 4074592. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to disclose...

9.3CVSS8.2AI score0.93838EPSS
Exploits47References38
Tenable Nessus
Tenable Nessus
added 2018/02/13 12:0 a.m.64 views

KB4074591: Windows 10 Version 1511 February 2018 Security Update (Meltdown)(Spectre)

The remote Windows host is missing security update 4074591. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to disclose...

9.3CVSS8.2AI score0.93838EPSS
Exploits46References29
Check Point Advisories
Check Point Advisories
added 2018/02/13 12:0 a.m.28 views

Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0835)

A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS7.7AI score0.65858EPSS
Exploits3
CVE
CVE
added 2017/11/16 11:0 p.m.51 views

CVE-2017-0835

CVE-2017-0835 is a remote code execution vulnerability in the Android media framework (libmpeg2) affecting Android 6.0–8.0. The issue is documented in the 2017-11 Android bulletin as exploitable by a specially crafted media file, with high impact (remote code execution) in a privileged context. A...

9.3CVSS7.7AI score0.01311EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2016/04/18 12:59 a.m.21 views

CVE-2016-0835

decoder/impeg2ddechdr.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file that triggers a certain negative value, aka internal bug 26070014...

10CVSS9.5AI score0.02822EPSS
Exploits0References3
CVE
CVE
added 2016/04/18 12:0 a.m.60 views

CVE-2016-0835

Summary (CVE-2016-0835): Affects mediaserver on Android 6.x (decoder/impeg2d_dec_hdr.c). A crafted media file can trigger a negative-value path in the MPEG-2 decoding header, causing memory corruption and enabling remote code execution or a denial of service. The issue is exploitable remotely via...

10CVSS8.8AI score0.02822EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/04/18 12:0 a.m.21 views

CVE-2016-0835

decoder/impeg2ddechdr.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file that triggers a certain negative value, aka internal bug 26070014...

8.9AI score0.02822EPSS
Exploits0References3
android
android
added 2016/04/02 12:0 a.m.26 views

CVE-2016-0835

decoder/impeg2ddechdr.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file that triggers a certain negative value, aka internal bug 26070014...

10CVSS9.1AI score0.02822EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2015/10/16 12:0 a.m.30 views

SUSE: Security Advisory for Mozilla (SUSE-SU-2015:0447-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.04359EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/10/13 12:0 a.m.31 views

SUSE: Security Advisory for Mozilla (SUSE-SU-2015:0446-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.04359EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.34 views

SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2015:0412-1)

Mozilla Firefox was updated to version 31.5.0 ESR to fix five security issues. These security issues were fixed : - CVE-2015-0836: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.5 allowed remote attackers to cause a denial of service memory corruption and...

7.5CVSS8.4AI score0.04359EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.38 views

SUSE SLES10 / SLES11 Security Update : Mozilla Firefox (SUSE-SU-2015:0447-1)

Mozilla Firefox has been updated to version 31.5.0 ESR to fix five security issues. These security issues have been fixed : - CVE-2015-0836: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.5 allowed remote attackers to cause a denial of service memory...

7.5CVSS8.5AI score0.04359EPSS
Exploits0References14
Rows per page
Query Builder