Lucene search
K

144 matches found

BDU FSTEC
BDU FSTEC
added 2020/03/10 12:0 a.m.5 views

The vulnerability of the Input Method Editor (IME) component of the Windows operating system, which allows a hacker to gain elevated privileges

The vulnerability of the Input Method Editor IME component in the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...

7.8CVSS7.2AI score0.00951EPSS
Exploits0References3
OSV
OSV
added 2020/02/11 10:15 p.m.5 views

CVE-2020-0707

An elevation of privilege vulnerability exists when the Windows IME improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows IME Elevation of Privilege Vulnerability'...

7.8CVSS7.2AI score0.00951EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/17 12:0 a.m.5 views

Unspecified Vulnerability in Tecno Camon iClick (CNVD-2020-14790)

The Transn Tecno Camon iClick is a smartphone from the Chinese company Transn. An unspecified vulnerability exists in Tecno Camon iClick. The vulnerability can be exploited to execute code or commands with system privileges to record the screen, restore factory settings, obtain the user's Wi-Fi...

7.8CVSS7.4AI score0.00332EPSS
Exploits0References1
Prion
Prion
added 2019/11/14 5:15 p.m.13 views

Input validation

The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...

7.2CVSS7.5AI score0.00387EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/14 4:24 p.m.27 views

CVE-2019-15348

The Tecno Camon Android device with a build fingerprint of TECNO/H612/TECNO-ID5a:8.1.0/O11019/F-180828V106:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service named...

7.6AI score0.00387EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2019/09/10 7:0 a.m.35 views

Windows Text Service Framework Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows Text Service Framework TSF when the TSF server process does not validate the source of input or commands it receives. An attacker who successfully exploited this vulnerability could inject commands or read input sent through a malicious...

7.8CVSS4AI score0.00619EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/09/10 12:0 a.m.234 views

KB4516044: Windows 10 Version 1607 and Windows Server 2016 September 2019 Security Update

The remote Windows host is missing security update 4516044. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Windows Text Service Framework TSF when the TSF server process does not validate the source of input or commands it receives. An...

9.3CVSS8.1AI score0.61314EPSS
Exploits5References49
Microsoft KB
Microsoft KB
added 2019/08/13 12:0 a.m.6 views

April 25, 2019—KB4493443 (Preview of Monthly Rollup)

April 25, 2019—KB4493443 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4493446 released April 9, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an iss...

5.9AI score
Exploits0
Microsoft KB
Microsoft KB
added 2019/06/11 12:0 a.m.14 views

April 25, 2019—KB4493462 (Preview of Monthly Rollup)

April 25, 2019—KB4493462 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4493451 released April 9, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an iss...

5.5AI score
Exploits0
Microsoft KB
Microsoft KB
added 2019/05/15 12:0 a.m.7 views

Update for Windows Server 2008 SP2: April 25, 2019

Update for Windows Server 2008 SP2: April 25, 2019 Summary This update includes the quality improvements from KB4493458, in addition to new Japanese Era related changes. Key changes include: Updates the NLS registry to support the new Japanese Era. Addresses an issue that causes the Date and Time...

7.4AI score
Exploits0
Microsoft KB
Microsoft KB
added 2019/05/15 12:0 a.m.7 views

April 25, 2019—KB4493460 (Preview of Monthly Rollup)

April 25, 2019—KB4493460 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4493471released April 9, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an issu...

7.6AI score
Exploits0
Microsoft KB
Microsoft KB
added 2019/05/14 7:0 a.m.99 views

May 14, 2019—KB4499151 (Monthly Rollup)

May 14, 2019—KB4499151 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4493443 released April 25, 2019 and addresses the following issues: Provides protections against a new subclass of speculative execution side-channel...

9.8CVSS7.5AI score0.26264EPSS
Exploits2
Microsoft KB
Microsoft KB
added 2019/04/24 12:0 a.m.6 views

April 25, 2019—KB4498375 (OS Build 10240.18187)

April 25, 2019—KB4498375 OS Build 10240.18187 Improvements and fixes This update includes quality improvements. Key changes include: Addresses an issue that prevents an input method editor IME from supporting the new Japanese Era character. Updates the NLS registry to support the new Japanese Era...

6.9AI score
Exploits0
Cvelist
Cvelist
added 2018/12/28 9:0 p.m.19 views

CVE-2018-15007

The Sky Elite 6.0L+ Android device with a build fingerprint of SKY/x6069trxl601sky/x6069trxl601sky:6.0/MRA58K/1482897127:user/release-keys contains a pre-installed platform app with a package name of com.fw.upgrade.sysoper versionCode=238, versionName=2.3.8 that contains an exported broadcast...

7.5AI score0.00447EPSS
Exploits1References2
Microsoft KB
Microsoft KB
added 2018/10/09 12:0 a.m.4 views

July 12, 2016 — KB3163912 (OS Build 10240.17024)

July 12, 2016 — KB3163912 OS Build 10240.17024 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer 11, Windows Explorer, and Windows Update. Fixed issue i...

7AI score
Exploits0
Microsoft KB
Microsoft KB
added 2018/10/09 12:0 a.m.4 views

November 8, 2016 — KB3198585 (OS Build 10240.17190)

November 8, 2016 — KB3198585 OS Build 10240.17190 This update includes quality improvements and security updates. No new operating system features are being introduced in this update. Key changes include: Addressed issue to update the Access Point Name APN database. Addressed issue with deadlocks...

7.3AI score
Exploits0
OSV
OSV
added 2018/06/11 9:29 p.m.1 views

DEBIAN-CVE-2017-7752

A use-after-free vulnerability during specific user interactions with the input method editor IME in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox 54, Firefox...

8.8CVSS9.1AI score0.02026EPSS
Exploits0References1
OSV
OSV
added 2018/06/11 9:29 p.m.8 views

CVE-2017-7752

A use-after-free vulnerability during specific user interactions with the input method editor IME in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox 54, Firefox...

8.8CVSS8AI score
Exploits0References10
Cvelist
Cvelist
added 2018/06/11 9:0 p.m.21 views

CVE-2017-7752

A use-after-free vulnerability during specific user interactions with the input method editor IME in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox 54, Firefox...

8.1AI score0.02026EPSS
Exploits0References10
CVE
CVE
added 2018/06/11 9:0 p.m.124 views

CVE-2017-7752

CVE-2017-7752 is a use-after-free vulnerability triggered by specific user interactions with the input method editor (IME) in certain languages. The flaw is reported to affect Mozilla Firefox versions before 54, Firefox ESR before 52.2, and Thunderbird before 52.2. The impacted component is tied ...

8.8CVSS8AI score0.02026EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder