126 matches found
Privilege escalation
An elevation of privilege vulnerability exists when the Windows Event Logging Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Event Logging Service Elevation of Privilege Vulnerability'. This CVE ID...
Privilege escalation
An elevation of privilege vulnerability exists when the Windows Event Logging Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Event Logging Service Elevation of Privilege Vulnerability'. This CVE ID...
CVE-2020-1371
Technical details about CVE-2020-1371 are not publicly provided in the connected documents. Please monitor for updates from official sources for affected products, impact, and remediation.
CVE-2020-1371
An elevation of privilege vulnerability exists when the Windows Event Logging Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Event Logging Service Elevation of Privilege Vulnerability'. This CVE ID...
CVE-2020-1365
An elevation of privilege vulnerability exists when the Windows Event Logging Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Event Logging Service Elevation of Privilege Vulnerability'. This CVE ID...
CVE-2020-1365
Technical details about CVE-2020-1365 are not publicly provided in the connected documents. The Windows Event Logging Service elevation-of-privilege vulnerability lacks product/version/impact/fix specifics here. Monitor sources for updates and confirmed technical details.
Windows Event Logging Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Event Logging Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. Th...
Windows Event Logging Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Event Logging Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. Th...
KB4565539: Windows 7 and Windows Server 2008 R2 July 2020 Security Update
The remote Windows host is missing security update 4565539 or cumulative update 4565524. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this...
Santa - A Binary Whitelisting/Blacklisting System For macOS
Santa is a binary whitelisting/blacklisting system for macOS. It consists of a kernel extension or a system extension on macOS 10.15+ that monitors for executions, a userland daemon that makes execution decisions based on the contents of a SQLite database, a GUI agent that notifies the user in ca...
Improvements for the System Update Readiness Tool in Windows 7 and Windows Server 2008 R2
Improvements for the System Update Readiness Tool in Windows 7 and Windows Server 2008 R2 About the System Update Readiness Tool The System Update Readiness Tool can help fix problems that might prevent Windows updates and service packs from installing. For more information and how to download th...
ImageMagick: NULL pointer dereference in CheckEventLogging function in MagickCore/log.c
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c...
CVE-2019-19852
An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Call Event Logging report screen in the cel module at the admin/config.php?display=cel URI via date fields. This affects cel through 13.0.26.9, 14.x through 14.0.2.14, and 15.x through 15.0.15.4...
Cross site scripting
An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Call Event Logging report screen in the cel module at the admin/config.php?display=cel URI via date fields. This affects cel through 13.0.26.9, 14.x through 14.0.2.14, and 15.x through 15.0.15.4...
CVE-2019-19852
An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Call Event Logging report screen in the cel module at the admin/config.php?display=cel URI via date fields. This affects cel through 13.0.26.9, 14.x through 14.0.2.14, and 15.x through 15.0.15.4...
CVE-2019-19852
An XSS injection vulnerability exists in Sangoma FreePBX and PBXact (13–15) within the Call Event Logging (cel) module, exploitable via the admin/config.php?display=cel page using date fields. Affected versions include cel up to 13.0.26.9, 14.x up to 14.0.2.14, and 15.x up to 15.0.15.4. The root ...
2019: Looking Back at Malware
In 2019, attacker behavior evolved, becoming more evasive. The most common behaviors seen across all attack data—mapped to the MITRE ATT&CK™ Framework—were: Software Packing for Defense Evasion, Hidden Windows for Defense Evasion, Standard Application Layer Protocol for Command and Control C2,...
Unbreakable Enterprise kernel security update
4.14.35-1902.6.6 - RDMA/restrack: Protect from reentry to resource return path Leon Romanovsky Orabug: 30388717 4.14.35-1902.6.5 - hvnetvsc: fix vf serial matching with pci slot info Haiyang Zhang Orabug: 30373111 - rds: Use correct conn when dropping connections due to cancel Hakon Bugge Orabug:...
CVE-2019-7613
Winlogbeat versions before 5.6.16 and 6.6.2 had an insufficient logging flaw. An attacker able to inject certain characters into a log entry could prevent Winlogbeat from recording the event...
August 2, 2016 — KB3176929 (OS Build 14393.10)
August 2, 2016 — KB3176929 OS Build 14393.10 This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Improved reliability of background tasks and extensions for Microsoft Edge. Addressed licensing issue that prevents ap...