Lucene search
K

104 matches found

BDU FSTEC
BDU FSTEC
added 2020/10/07 12:0 a.m.6 views

The vulnerability of the Internet Explorer and Sailfish Browser script handlers, which allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the Internet Explorer script handler arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure through a specially created web page...

9.3CVSS7.9AI score0.44265EPSS
Exploits4References5Affected Software2
OSV
OSV
added 2020/09/21 8:15 p.m.2 views

DEBIAN-CVE-2020-6573

Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS8.4AI score0.01769EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/08/06 12:0 a.m.5 views

The vulnerability of Google Chrome browser-based task scheduler allows a hacker to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of Google Chrome’s task scheduler relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures through a specially created HTML page...

9.6CVSS7.4AI score0.01365EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2019/12/17 12:0 a.m.5 views

The vulnerability of the Windows GDI component in Windows operating systems allows attackers to disclose protected information.

The vulnerability of the Windows GDI component in Windows operating systems is related to deficiencies in security mechanisms. Exploiting this vulnerability can allow an attacker to disclose sensitive information through a specially crafted web page or file...

5.5CVSS6.2AI score0.05619EPSS
Exploits0References5
NVD
NVD
added 2019/10/30 9:15 p.m.22 views

CVE-2019-17323

ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation and execution via report print function of rexpert viewer with modified XML document. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page...

8.8CVSS8.6AI score0.01594EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/08/22 12:0 a.m.6 views

The vulnerability of the Internet Explorer browser’s script handler allows a hacker to execute arbitrary code.

The vulnerability of the Internet Explorer browser’s script handler exists due to errors in memory object handling. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page...

7.6CVSS6AI score0.03381EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/03/27 12:0 a.m.6 views

The vulnerability of the VBScript script handler in Internet Explorer allows attackers to disclose protected information.

The vulnerability of VBScript script handlers in Internet Explorer browsers is related to insecure management of privileges. Exploiting this vulnerability allows a malicious actor to disclose sensitive information through a specially created web page...

5CVSS5.7AI score0.48501EPSS
Exploits6References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/15 12:0 a.m.5 views

The vulnerability of Microsoft Edge browser, related to errors in request handling mechanisms, allows attackers to disclose protected information.

The vulnerability of Microsoft Edge relates to errors in the request processing mechanism. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information through a specially crafted web page...

4.3CVSS6.5AI score0.05498EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2018/12/07 12:0 a.m.9 views

The vulnerability of the JavaScript script handler ChakraCore in Microsoft Edge browsers allows a hacker to execute arbitrary code.

The vulnerability of the JavaScript script handler ChakraCore in Microsoft Edge browsers is caused by an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page...

4.2CVSS8.4AI score0.14159EPSS
Exploits0References6Affected Software1
The Hacker News
The Hacker News
added 2018/09/17 9:29 a.m.204 views

Watch Out! This New Web Exploit Can Crash and Restart Your iPhone

It's 2018, and just a few lines of code can crash and restart any iPhone or iPad and can cause a Mac computer to freeze. Sabri Haddouche, a security researcher at encrypted instant messaging app Wire, revealed a proof-of-concept PoC web page containing an exploit that uses only a few lines of...

0.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2018/09/14 12:0 a.m.5 views

The vulnerability of the Win32k component in Windows operating systems, which allows a hacker to execute arbitrary code

The vulnerability of the Win32k component in Windows operating systems is related to errors in processing embedded fonts. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted web page or document...

10CVSS8.2AI score0.1907EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2018/06/29 12:0 a.m.7 views

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser allows a hacker to execute arbitrary code.

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser is caused by an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially crafted web page...

7.6CVSS8.3AI score0.66913EPSS
Exploits2References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/04/04 12:0 a.m.6 views

The vulnerability of the “go get” command implementation in the Go programming language allows a perpetrator to execute arbitrary commands.

The vulnerability of the “go get” command in the Go programming language exists due to insufficient validation of input data insufficient checking of the import path when using the “-insecure” option. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a...

9.3CVSS7.6AI score0.63229EPSS
Exploits1References3Affected Software1
Check Point Advisories
Check Point Advisories
added 2017/12/19 12:0 a.m.7 views

Apple WebKit Use After Free Code Execution (CVE-2017-13796)

A remote code execution vulnerability exists in Apple's WebKit. The vulnerability is due to the way the scripting engine handles objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...

6.8CVSS2.7AI score0.0582EPSS
Exploits4
CNVD
CNVD
added 2017/10/27 12:0 a.m.14 views

Memory Leak Vulnerability in Multiple Huawei Products

The Huawei USG9560, 9520, and 9580 are all USG9500 series firewall appliances from Huawei China. A memory disclosure vulnerability exists in multiple Huawei products. An attacker can exploit the vulnerability by accessing a specific web page on the web device to cause the motherboard to reboot an...

7.8CVSS7.4AI score0.00807EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/04/20 12:0 a.m.5 views

The vulnerability of Safari browser and iOS operating system allows attackers to bypass HTTP authentication procedures or trigger a denial-of-service attack.

The vulnerability of the Safari browser and the iOS operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to bypass HTTP authentication procedures or trigger a service denial using a specially crafted web page...

5.8CVSS7.6AI score0.01763EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2017/03/31 12:0 a.m.12 views

The vulnerability of the Windows operating system allows a perpetrator to obtain confidential information from the process memory.

The vulnerability of the Uniscribe component of the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, acting remotely, to obtain confidential information from the process’s memory through a specially crafted web...

4.3CVSS5.8AI score0.42124EPSS
Exploits1References3
Check Point Advisories
Check Point Advisories
added 2016/12/13 12:0 a.m.31 views

Microsoft Browser Scripting Engine Memory Corruption (MS16-145: CVE-2016-7287)

A memory corruption vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engine renders when handling objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...

7.6CVSS4AI score0.68884EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2016/09/22 12:0 a.m.6 views

Vulnerabilities of Microsoft Edge and Internet Explorer browsers, which allow attackers to trigger service failures or execute arbitrary code.

The vulnerabilities of Microsoft Edge and Internet Explorer are related to code errors. Exploiting these vulnerabilities allows a malicious actor to execute arbitrary code or trigger a service failure memory corruption through a specially crafted web page...

6.8CVSS8.1AI score0.22573EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/04/14 12:0 a.m.6 views

The vulnerability of the Safari browser, which allows a hacker to replace the user interface

The vulnerability of Safari browser is related to incorrect data processing. Exploiting this vulnerability allows a malicious actor to replace the user interface through a web page that replaces the actual text...

4.3CVSS5.8AI score0.01415EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder