93 matches found
CVE-2021-0872
CVE-2021-0872 affects Imagination Technologies PowerVR kernel driver (PowerVR-GPU) via PVRSRVBridgeRGXKickVRDM. The issue is a missing size check that enables an integer overflow, leading to out-of-bounds heap access and local escalation of privilege with no extra privileges or user interaction r...
GHSA-WC52-2XWV-H7XR ChakraCore RCE Vulnerability
ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...
GHSA-67F9-QMG7-FMCQ ChakraCore RCE Vulnerability
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...
ChakraCore RCE Vulnerability
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...
CVE-2020-0872
A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'...
CVE-2020-0872
CVE-2020-0872 affects Microsoft Application Inspector. The vulnerability occurs when Application Inspector v1.0.23 or earlier processes code reports that include third-party snippets, allowing remote code execution via crafted code shown in HTML output. An attacker must entice a user to run Appli...
CVE-2020-0872
A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'...
Microsoft Patch Tuesday, March 2020 Edition
Microsoft Corp. today released updates to plug more than 100 security holes in its various Windows operating systems and associated software. If you abuse Windows, please take a moment to read this post, backup your systems, and patch your PCs. All told, this patch batch addresses at least 115...
KLA11690 Multiple vulnerabilities in Microsoft Open Source Software
Vulnerability in Application Inspector can be exploited remotely via script injection to execute arbitrary code. Original advisories CVE-2020-0872 Related products Microsoft-Windows-10 CVE list CVE-2020-0872 high KB list Solution Install necessary updates from the KB section, that are listed in...
CVE-2019-0872
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0979...
Cross site scripting
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0872...
CVE-2019-0872
CVE-2019-0872 is an XSS vulnerability in Microsoft’s Azure DevOps Server and Team Foundation Server caused by improper sanitization/validation of client-side input in the WEB application. The linked Red Hat entry confirms the root cause as a lack of proper input validation leading to cross-site s...
CVE-2014-0872
CVE-2014-0872 affects IBM Security Key Lifecycle Manager 2.5. The installation process stores unencrypted credentials, which could allow local users with root access to obtain sensitive information. CVSSv3 indicates MEDIUM severity (4.1) with HIGH confidentiality impact; no exploit details are pr...
Memory corruption
ChakraCore and Microsoft Edge in Microsoft Windows 10 1709 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874,...
Memory corruption
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872,...
Memory corruption
ChakraCore and Microsoft Windows 10 1703 and 1709 allow remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930,...
CVE-2018-0872
ChakraCore RCE vulnerability affecting ChakraCore and Windows components. The connected advisories describe a memory-correlation flaw in the Chakra scripting engine that enables remote code execution when handling objects in memory, impacting ChakraCore with Windows 10 versions (including 1703/17...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2018-0872)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Solaris 10 (x86) : 139463-02
SunOS 5.10x86: nfssrv patch. Date this patch was last updated by Sun : Mar/05/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
CVE-2017-0872
CVE-2017-0872 is a remote code execution in Android's media framework (libskia). Affected products/versions per the Android bulletin and NVD: Android 7.0, 7.1.1, 7.1.2, 8.0. The root cause is a vulnerability in the media framework codecs (libskia, libmpeg2, libhevc, libavc) that could allow a cra...