516 matches found
CVE-2021-41339
Microsoft DWM Core Library Elevation of Privilege Vulnerability...
VulnCheck KEV: CVE-2021-33739
Microsoft Desktop Window Manager DWM Core Library contains an unspecified vulnerability that allows for privilege escalation...
[SECURITY] [DSA 4917-1] chromium security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4917-1 [email protected] https://www.debian.org/security/ Michael Gilbert May 17, 2021 https://www.debian.org/security/faq -...
Debian DSA-4917-1 : chromium - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2021-30506 @retsew0x01 discovered an error in the Web App installation interface. - CVE-2021-30507 Alison Huffman discovered an error in the Offline mode. - CVE-2021-30508 Leecraso and Guang Gong discovered a buffer...
The vulnerability of Desktop Window Managers in Windows operating systems allows attackers to increase their privileges.
The vulnerability of desktop window managers in Windows operating systems relates to the issue of operations going beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially crafted application...
CVE-2021-0438
In several functions of InputDispatcher.cpp, WindowManagerService.java, and related files, there is a possible tapjacking attack due to an incorrect FLAGOBSCURED value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild
While analyzing the CVE-2021-1732 exploit originally discovered by the DBAPPSecurity Threat Intelligence Center and used by the BITTER APT group, we discovered another zero-day exploit we believe is linked to the same actor. We reported this new exploit to Microsoft in February and after...
[SECURITY] Fedora 34 Update: mutter-40.0~rc-1.fc34
Mutter is a window and compositing manager that displays and manages your desktop via OpenGL. Mutter combines a sophisticated display engine using the Clutter toolkit with solid window-management logic inherited from the Metacity window manager. While Mutter can be used stand-alone, it is primari...
[SECURITY] Fedora 34 Update: kwin-5.21.3-1.fc34
KDE Window manager...
Fedora: Security Advisory for mutter (FEDORA-2021-303f6623fa)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
The vulnerability of the fly-wm window manager, related to the bypassing of authentication due to a fundamental error, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the fly-wm window manager is related to the password prompt displayed during session blocking. Exploiting this vulnerability can allow attackers to access confidential data, compromise its integrity, and cause service failures...
The vulnerability of the fly-wm window manager, related to improper release of memory before deleting last references, allows attackers to gain access to confidential data.
The vulnerability of the fly-wm window manager is related to the improper release of memory after moving the icon to a new location. Exploiting this vulnerability can allow an attacker to gain access to confidential data...
The vulnerability of the fly-wm window manager, related to security configuration errors, allows attackers to gain access to confidential data.
The vulnerability of the fly-wm window manager is related to security configuration errors. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data...
CVE-2020-0475
In createInputConsumer of WindowManagerService.java, there is a possible way to block and intercept input events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...
CVE-2020-0475
In createInputConsumer of WindowManagerService.java, there is a possible way to block and intercept input events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...
CVE-2020-0099
In addWindow of WindowManagerService.java, there is a possible window overlay attack due to an insecure default value. This could lead to local escalation of privilege via tapjacking with no additional execution privileges needed. User interaction is needed for exploitation.Product:...
Google Android Information Disclosure Vulnerability (CNVD-2020-54305)
Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A security vulnerability exists in the Android-11 version of Window Manager, which stems from a privilege bypass that allows an attacker to leak local information...
CVE-2020-0308
In Window Manager, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153654357...
CVE-2020-0308
In Window Manager, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153654357...
CVE-2020-0267
In WindowManager, there is a possible launch of an unexpected app due to a confused deputy. This could lead to local escalation of privilege due to launching a malicious app instead of the one the user intended, with no additional execution privileges needed. User interaction is needed for...