Lucene search
K

93 matches found

CVE
CVE
added 2023/04/19 12:0 a.m.116 views

CVE-2021-0872

CVE-2021-0872 affects Imagination Technologies PowerVR kernel driver (PowerVR-GPU) via PVRSRVBridgeRGXKickVRDM. The issue is a missing size check that enables an integer overflow, leading to out-of-bounds heap access and local escalation of privilege with no extra privileges or user interaction r...

7.8CVSS7.8AI score0.00093EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/05/13 1:18 a.m.35 views

GHSA-WC52-2XWV-H7XR ChakraCore RCE Vulnerability

ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...

7.5CVSS7.4AI score0.15556EPSS
Exploits0References6
OSV
OSV
added 2022/05/13 1:18 a.m.30 views

GHSA-67F9-QMG7-FMCQ ChakraCore RCE Vulnerability

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...

7.5CVSS7.4AI score0.15875EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/05/13 1:18 a.m.28 views

ChakraCore RCE Vulnerability

ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...

7.6CVSS6.5AI score0.15875EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2020/03/12 4:15 p.m.42 views

CVE-2020-0872

A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'...

9.6CVSS9.6AI score0.09851EPSS
Exploits0References1
CVE
CVE
added 2020/03/12 3:48 p.m.87 views

CVE-2020-0872

CVE-2020-0872 affects Microsoft Application Inspector. The vulnerability occurs when Application Inspector v1.0.23 or earlier processes code reports that include third-party snippets, allowing remote code execution via crafted code shown in HTML output. An attacker must entice a user to run Appli...

9.6CVSS8.8AI score0.09851EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/03/12 3:48 p.m.39 views

CVE-2020-0872

A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'...

9.6AI score0.09851EPSS
Exploits0References1
Krebs on Security
Krebs on Security
added 2020/03/10 11:44 p.m.467 views

Microsoft Patch Tuesday, March 2020 Edition

Microsoft Corp. today released updates to plug more than 100 security holes in its various Windows operating systems and associated software. If you abuse Windows, please take a moment to read this post, backup your systems, and patch your PCs. All told, this patch batch addresses at least 115...

9.3CVSS0.2AI score0.99965EPSS
Exploits30
Kaspersky
Kaspersky
added 2020/03/10 12:0 a.m.37 views

KLA11690 Multiple vulnerabilities in Microsoft Open Source Software

Vulnerability in Application Inspector can be exploited remotely via script injection to execute arbitrary code. Original advisories CVE-2020-0872 Related products Microsoft-Windows-10 CVE list CVE-2020-0872 high KB list Solution Install necessary updates from the KB section, that are listed in...

9.6CVSS8.8AI score0.09851EPSS
Exploits0References3
NVD
NVD
added 2019/05/16 7:29 p.m.22 views

CVE-2019-0872

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0979...

5.4CVSS5.2AI score0.01697EPSS
Exploits0References1
Prion
Prion
added 2019/05/16 7:29 p.m.20 views

Cross site scripting

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0872...

3.5CVSS5.3AI score0.01697EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2019/05/16 6:17 p.m.79 views

CVE-2019-0872

CVE-2019-0872 is an XSS vulnerability in Microsoft’s Azure DevOps Server and Team Foundation Server caused by improper sanitization/validation of client-side input in the WEB application. The linked Red Hat entry confirms the root cause as a lack of proper input validation leading to cross-site s...

5.4CVSS5.3AI score0.01697EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2018/04/25 8:0 p.m.47 views

CVE-2014-0872

CVE-2014-0872 affects IBM Security Key Lifecycle Manager 2.5. The installation process stores unencrypted credentials, which could allow local users with root access to obtain sensitive information. CVSSv3 indicates MEDIUM severity (4.1) with HIGH confidentiality impact; no exploit details are pr...

4.1CVSS3.8AI score0.00281EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/03/14 5:29 p.m.25 views

Memory corruption

ChakraCore and Microsoft Edge in Microsoft Windows 10 1709 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874,...

7.6CVSS7.2AI score0.66554EPSS
Exploits6References2
Prion
Prion
added 2018/03/14 5:29 p.m.23 views

Memory corruption

ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872,...

7.6CVSS7.3AI score0.66554EPSS
Exploits6References2
Prion
Prion
added 2018/03/14 5:29 p.m.21 views

Memory corruption

ChakraCore and Microsoft Windows 10 1703 and 1709 allow remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930,...

7.6CVSS7.2AI score0.66554EPSS
Exploits6References3
CVE
CVE
added 2018/03/14 5:0 p.m.119 views

CVE-2018-0872

ChakraCore RCE vulnerability affecting ChakraCore and Windows components. The connected advisories describe a memory-correlation flaw in the Chakra scripting engine that enables remote code execution when handling objects in memory, impacting ChakraCore with Windows 10 versions (including 1703/17...

7.6CVSS7.2AI score0.15875EPSS
Exploits0References3Affected Software1
Check Point Advisories
Check Point Advisories
added 2018/03/13 12:0 a.m.20 views

Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2018-0872)

A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS5.1AI score0.15875EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/03/12 12:0 a.m.36 views

Solaris 10 (x86) : 139463-02

SunOS 5.10x86: nfssrv patch. Date this patch was last updated by Sun : Mar/05/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

6.8CVSS6.7AI score0.01961EPSS
Exploits4References4
CVE
CVE
added 2017/12/06 2:0 p.m.58 views

CVE-2017-0872

CVE-2017-0872 is a remote code execution in Android's media framework (libskia). Affected products/versions per the Android bulletin and NVD: Android 7.0, 7.1.1, 7.1.2, 8.0. The root cause is a vulnerability in the media framework codecs (libskia, libmpeg2, libhevc, libavc) that could allow a cra...

9.3CVSS8.4AI score0.01437EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder