104 matches found
The vulnerability of the Internet Explorer and Sailfish Browser script handlers, which allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the Internet Explorer script handler arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure through a specially created web page...
DEBIAN-CVE-2020-6573
Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...
The vulnerability of Google Chrome browser-based task scheduler allows a hacker to gain access to confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of Google Chrome’s task scheduler relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures through a specially created HTML page...
The vulnerability of the Windows GDI component in Windows operating systems allows attackers to disclose protected information.
The vulnerability of the Windows GDI component in Windows operating systems is related to deficiencies in security mechanisms. Exploiting this vulnerability can allow an attacker to disclose sensitive information through a specially crafted web page or file...
CVE-2019-17323
ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file creation and execution via report print function of rexpert viewer with modified XML document. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page...
The vulnerability of the Internet Explorer browser’s script handler allows a hacker to execute arbitrary code.
The vulnerability of the Internet Explorer browser’s script handler exists due to errors in memory object handling. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page...
The vulnerability of the VBScript script handler in Internet Explorer allows attackers to disclose protected information.
The vulnerability of VBScript script handlers in Internet Explorer browsers is related to insecure management of privileges. Exploiting this vulnerability allows a malicious actor to disclose sensitive information through a specially created web page...
The vulnerability of Microsoft Edge browser, related to errors in request handling mechanisms, allows attackers to disclose protected information.
The vulnerability of Microsoft Edge relates to errors in the request processing mechanism. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information through a specially crafted web page...
The vulnerability of the JavaScript script handler ChakraCore in Microsoft Edge browsers allows a hacker to execute arbitrary code.
The vulnerability of the JavaScript script handler ChakraCore in Microsoft Edge browsers is caused by an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page...
Watch Out! This New Web Exploit Can Crash and Restart Your iPhone
It's 2018, and just a few lines of code can crash and restart any iPhone or iPad and can cause a Mac computer to freeze. Sabri Haddouche, a security researcher at encrypted instant messaging app Wire, revealed a proof-of-concept PoC web page containing an exploit that uses only a few lines of...
The vulnerability of the Win32k component in Windows operating systems, which allows a hacker to execute arbitrary code
The vulnerability of the Win32k component in Windows operating systems is related to errors in processing embedded fonts. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted web page or document...
The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser allows a hacker to execute arbitrary code.
The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser is caused by an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially crafted web page...
The vulnerability of the “go get” command implementation in the Go programming language allows a perpetrator to execute arbitrary commands.
The vulnerability of the “go get” command in the Go programming language exists due to insufficient validation of input data insufficient checking of the import path when using the “-insecure” option. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a...
Apple WebKit Use After Free Code Execution (CVE-2017-13796)
A remote code execution vulnerability exists in Apple's WebKit. The vulnerability is due to the way the scripting engine handles objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...
Memory Leak Vulnerability in Multiple Huawei Products
The Huawei USG9560, 9520, and 9580 are all USG9500 series firewall appliances from Huawei China. A memory disclosure vulnerability exists in multiple Huawei products. An attacker can exploit the vulnerability by accessing a specific web page on the web device to cause the motherboard to reboot an...
The vulnerability of Safari browser and iOS operating system allows attackers to bypass HTTP authentication procedures or trigger a denial-of-service attack.
The vulnerability of the Safari browser and the iOS operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to bypass HTTP authentication procedures or trigger a service denial using a specially crafted web page...
The vulnerability of the Windows operating system allows a perpetrator to obtain confidential information from the process memory.
The vulnerability of the Uniscribe component of the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, acting remotely, to obtain confidential information from the process’s memory through a specially crafted web...
Microsoft Browser Scripting Engine Memory Corruption (MS16-145: CVE-2016-7287)
A memory corruption vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engine renders when handling objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...
Vulnerabilities of Microsoft Edge and Internet Explorer browsers, which allow attackers to trigger service failures or execute arbitrary code.
The vulnerabilities of Microsoft Edge and Internet Explorer are related to code errors. Exploiting these vulnerabilities allows a malicious actor to execute arbitrary code or trigger a service failure memory corruption through a specially crafted web page...
The vulnerability of the Safari browser, which allows a hacker to replace the user interface
The vulnerability of Safari browser is related to incorrect data processing. Exploiting this vulnerability allows a malicious actor to replace the user interface through a web page that replaces the actual text...