Lucene search
K

57 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:3 a.m.2 views

SUSE CVE-2020-6378

Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS8.2AI score0.01218EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:2 a.m.3 views

SUSE CVE-2020-6505

Use after free in speech in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS9.1AI score0.01EPSS
Exploits0References6
0day.today
0day.today
added 2021/11/09 12:0 a.m.403 views

Google Assistant Authentication Bypass Vulnerability

Google Assistant suffered from an authentication bypass vulnerability allowing a webpage to execute commands without permission. Auth Bypass in Google Assistant Summary: Webpage can execute Google Assistant commands without any permissions Steps to reproduce: Generate the TTS audio files using th...

7.7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/06/15 3:36 p.m.100 views

'Lamphone' Hack Uses Lightbulb Vibrations to Eavesdrop on Homes

Researchers have discovered a novel way to spy on conversations that are happening in houses from almost a hundred feet away. The hack stems simply from a lightbulb hanging in the home. The hack, dubbed “lamphone,” is performed by analyzing the tiny vibrations of a hanging lightbulb, which are...

7.2AI score
Exploits0References9
OSV
OSV
added 2020/02/27 11:15 p.m.2 views

UBUNTU-CVE-2020-6386

Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS6.8AI score0.01656EPSS
Exploits1References2
OSV
OSV
added 2019/06/12 2:29 p.m.5 views

CVE-2019-0985

A remote code execution vulnerability exists when the Microsoft Speech API SAPI improperly handles text-to-speech TTS input. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. To exploit the vulnerability, an...

7.8CVSS7.8AI score0.03524EPSS
Exploits0References2
NVD
NVD
added 2019/06/12 2:29 p.m.19 views

CVE-2019-0985

A remote code execution vulnerability exists when the Microsoft Speech API SAPI improperly handles text-to-speech TTS input. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. To exploit the vulnerability, an...

7.8CVSS7.9AI score0.03524EPSS
Exploits0References2
Prion
Prion
added 2019/06/12 2:29 p.m.26 views

Remote code execution

A remote code execution vulnerability exists when the Microsoft Speech API SAPI improperly handles text-to-speech TTS input, aka 'Microsoft Speech API Remote Code Execution Vulnerability'...

6.8CVSS8.1AI score0.03524EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2019/06/12 1:49 p.m.100 views

CVE-2019-0985

CVE-2019-0985 is a remote code execution vulnerability in Microsoft Speech API (SAPI) triggered by text-to-speech input. The issue arises when TTS content invoked via scripting is processed in memory, potentially allowing arbitrary code execution in the context of the current user. How it is expl...

7.8CVSS7.7AI score0.03524EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2019/06/12 1:49 p.m.18 views

CVE-2019-0985 Microsoft Speech API Remote Code Execution Vulnerability

...

7.8CVSS8AI score0.03524EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2019/06/12 12:0 a.m.231 views

Microsoft Windows Multiple Vulnerabilities (KB4503292)

This host is missing a critical security update according to Microsoft KB4503292 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

9.3CVSS7.1AI score0.48488EPSS
Exploits12References1
Microsoft CVE
Microsoft CVE
added 2019/06/11 7:0 a.m.37 views

Microsoft Speech API Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Microsoft Speech API SAPI improperly handles text-to-speech TTS input. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. To exploit the vulnerability, an...

7.8CVSS2.7AI score0.03524EPSS
Exploits0
Symantec
Symantec
added 2019/06/11 12:0 a.m.125 views

Microsoft Windows Speech API CVE-2019-0985 Remote Code Execution Vulnerability

Description Microsoft Windows Speech API is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems...

0.1AI score0.03524EPSS
Exploits0Affected Software2
Kaspersky
Kaspersky
added 2019/06/11 12:0 a.m.51 views

KLA11874 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products ESU. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, execute arbitrary code, obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of...

9.3CVSS9.7AI score0.48488EPSS
Exploits15References69
Check Point Advisories
Check Point Advisories
added 2019/06/11 12:0 a.m.9 views

Microsoft Speech API Remote Code Execution (CVE-2019-0985)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS8.3AI score0.03524EPSS
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

w32-speaking-shellcode

No description provided by source. A null-free shellcode for 32-bit versions of Windows 5.0-7.0 all service packs that uses Microsoft Speech API to say You got pwned! over the speakers. Includes optional code that fixes stack alignment adds 5 bytes and bypasses EAF adds 29 bytes. Features: NULL...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2014/01/23 10:3 a.m.9 views

Google Chrome Eavesdropping Exploit Published

The developer of the annyang speech recognition JavaScript library has published exploit code for a bug in Google’s Chrome browser that could allow a malicious website to eavesdrop using a computer’s microphone long after a visitor has left a website. The code disclosure is in response, said...

7AI score
Exploits0References4
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2013/02/21 12:0 a.m.38 views

Stable Channel Update

The Chrome team is excited to announce the promotion of Chrome 25 to the Stable Channel. Chrome 25.0.1364.97 for Windows and Linux, and 25.0.1364.99 for Mac contain a number of new items including: Improvements in managing and securing your extensions Better support for HTML5 time/date inputs...

7.5CVSS10AI score0.0225EPSS
Exploits0Affected Software1
The Hacker News
The Hacker News
added 2011/02/22 10:21 a.m.12 views

OllyDbg 2.01 Alpha 2 Tool New Version Download !

"OllyDbg is a 32-bit assembler level analysing debugger for Microsoft® Windows®. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable." Version 2.01 alpha 2 is an intermediate functional release with many new useful features. The most important novelt...

6.9AI score
Exploits0
Metasploit
Metasploit
added 2011/01/06 5:34 p.m.35 views

Windows Speech API - Say "You Got Pwned!"

Causes the target to say "You Got Pwned" via the Windows Speech API This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework =begin https://www.exploit-db.com/sploits/w32-speaking-shellcode.zip Copyright c 2009-2010 Berend-Jan...

7.3AI score
Exploits0
Rows per page
Query Builder