70 matches found
CVE-2020-0895
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'...
CVE-2020-0895
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'...
CVE-2020-0895
CVE-2020-0895 is the Windows VBScript Engine RCE vulnerability. Connected CNVD-2020-31543 describes a VBScript Engine buffer overflow in IE (affecting IE9/11) related to memory handling. The provided documents confirm a remote code execution risk via VBScript objects in memory but do not specify ...
KLA11749 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to...
CVE-2019-0895
The connected CNVD entries describe a Windows Jet Database Engine vulnerability as a buffer overflow/heap overflow issue arising when memory boundaries are not properly validated. They state an attacker could exploit this condition to cause memory corruption, affecting Windows/Windows Server envi...
Microsoft Windows Multiple Vulnerabilities (KB4494440)
This host is missing a critical security update according to Microsoft KB4494440 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...
Microsoft Windows Multiple Vulnerabilities (KB4499167)
This host is missing a critical security update according to Microsoft KB4499167 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...
Microsoft Windows JET Database Engine CVE-2019-0895 Remote Code Execution Vulnerability
Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...
KB4499180: Windows Server 2008 and Windows Vista SP2 May 2019 Security Update (BlueKeep)
The remote Windows host is missing security update 4499180 or cumulative update 4499149. It is, therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings. An attacker who successfully exploited...
Security Bulletin: IBM SPSS SamplePower vsflex8l ActiveX Control ComboList Property Remote Code Execution Vulnerability (CVE-2014-0895)
Summary There is security vulnerability with an ActiveX control shipped by IBM SPSS SamplePower Version 3.0.1. This is corrected in the IBM SPSS SamplePower product Interim Fix. Vulnerability Details VULNERABILITY DETAILS: CVE IDs: CVE-2014-0895 DESCRIPTION: The latest available Interim Fix...
Windows Kernel 64-bit stack memory disclosure in NtQueryInformationThread(ThreadBasicInformation)(CVE-2018-0895)
We have discovered that the nt!NtQueryInformationThread system call invoked with the 0 information class ThreadBasicInformation discloses portions of uninitialized kernel stack memory to user-mode clients. The vulnerability affects 64-bit versions of Windows 7 to 10. The specific layout of the...
CVE-2018-0895
creationtimestamp| type| source ---|---|--- 2018-03-20 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44309 2018-03-23 08:30:56+00:00| seen| https://t.me/antichat/1124...
Information disclosure
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way...
Information disclosure
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way...
Information disclosure
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way...
Information disclosure
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way...
Information disclosure
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way...
CVE-2018-0895
Technical details for CVE-2018-0895 are not provided in the connected documents. Public information in this dataset does not specify affected products/versions/impact. Monitor for updates.
Nextcloud 'Calender and Addressbook' Information Disclosure Vulnerability - Linux
Nextcloud is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-0895
The CVE-2017-0895 vulnerability affects Nextcloud Server before 10.0.4 and 11.0.2, where a logical error allows disclosure of calendar and addressbook names to other logged‑in users. No calendar/addressbook content is exposed. Affected versions are fixed in the NC-SA-2017-012 advisory, with Nextc...