144 matches found
The vulnerability of the Input Method Editor (IME) component of the Windows operating system, which allows a hacker to gain elevated privileges
The vulnerability of the Input Method Editor IME component in the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...
CVE-2020-0707
An elevation of privilege vulnerability exists when the Windows IME improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows IME Elevation of Privilege Vulnerability'...
Unspecified Vulnerability in Tecno Camon iClick (CNVD-2020-14790)
The Transn Tecno Camon iClick is a smartphone from the Chinese company Transn. An unspecified vulnerability exists in Tecno Camon iClick. The vulnerability can be exploited to execute code or commands with system privileges to record the screen, restore factory settings, obtain the user's Wi-Fi...
Input validation
The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...
CVE-2019-15348
The Tecno Camon Android device with a build fingerprint of TECNO/H612/TECNO-ID5a:8.1.0/O11019/F-180828V106:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service named...
Windows Text Service Framework Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Windows Text Service Framework TSF when the TSF server process does not validate the source of input or commands it receives. An attacker who successfully exploited this vulnerability could inject commands or read input sent through a malicious...
KB4516044: Windows 10 Version 1607 and Windows Server 2016 September 2019 Security Update
The remote Windows host is missing security update 4516044. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Windows Text Service Framework TSF when the TSF server process does not validate the source of input or commands it receives. An...
April 25, 2019—KB4493443 (Preview of Monthly Rollup)
April 25, 2019—KB4493443 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4493446 released April 9, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an iss...
April 25, 2019—KB4493462 (Preview of Monthly Rollup)
April 25, 2019—KB4493462 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4493451 released April 9, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an iss...
Update for Windows Server 2008 SP2: April 25, 2019
Update for Windows Server 2008 SP2: April 25, 2019 Summary This update includes the quality improvements from KB4493458, in addition to new Japanese Era related changes. Key changes include: Updates the NLS registry to support the new Japanese Era. Addresses an issue that causes the Date and Time...
April 25, 2019—KB4493460 (Preview of Monthly Rollup)
April 25, 2019—KB4493460 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4493471released April 9, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an issu...
May 14, 2019—KB4499151 (Monthly Rollup)
May 14, 2019—KB4499151 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4493443 released April 25, 2019 and addresses the following issues: Provides protections against a new subclass of speculative execution side-channel...
April 25, 2019—KB4498375 (OS Build 10240.18187)
April 25, 2019—KB4498375 OS Build 10240.18187 Improvements and fixes This update includes quality improvements. Key changes include: Addresses an issue that prevents an input method editor IME from supporting the new Japanese Era character. Updates the NLS registry to support the new Japanese Era...
CVE-2018-15007
The Sky Elite 6.0L+ Android device with a build fingerprint of SKY/x6069trxl601sky/x6069trxl601sky:6.0/MRA58K/1482897127:user/release-keys contains a pre-installed platform app with a package name of com.fw.upgrade.sysoper versionCode=238, versionName=2.3.8 that contains an exported broadcast...
July 12, 2016 — KB3163912 (OS Build 10240.17024)
July 12, 2016 — KB3163912 OS Build 10240.17024 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer 11, Windows Explorer, and Windows Update. Fixed issue i...
November 8, 2016 — KB3198585 (OS Build 10240.17190)
November 8, 2016 — KB3198585 OS Build 10240.17190 This update includes quality improvements and security updates. No new operating system features are being introduced in this update. Key changes include: Addressed issue to update the Access Point Name APN database. Addressed issue with deadlocks...
DEBIAN-CVE-2017-7752
A use-after-free vulnerability during specific user interactions with the input method editor IME in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox 54, Firefox...
CVE-2017-7752
A use-after-free vulnerability during specific user interactions with the input method editor IME in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox 54, Firefox...
CVE-2017-7752
A use-after-free vulnerability during specific user interactions with the input method editor IME in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox 54, Firefox...
CVE-2017-7752
CVE-2017-7752 is a use-after-free vulnerability triggered by specific user interactions with the input method editor (IME) in certain languages. The flaw is reported to affect Mozilla Firefox versions before 54, Firefox ESR before 52.2, and Thunderbird before 52.2. The impacted component is tied ...