Microsoft Windows NTLM Tampering Security Bypass Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A security vulnerability exists in Microsoft Windows. An attacker could exploit this...

Microsoft Windows GDI Component Information Disclosure Vulnerability (CNVD-2019-24758)

The Microsoft Windows operating system is a set of operating systems developed by Microsoft Corporation in the United States. An information disclosure vulnerability exists in Microsoft Windows GDI Component, which can be exploited by an attacker to cause an information disclosure that could lead...

CVE-2019-1011

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could explo...

The vulnerability of the Unified Write Filter (UWF) in the Windows operating system allows a hacker to increase their privileges.

The vulnerability of the Unified Write Filter UWF in the Windows operating system is related to the lack of restrictions on access to the registry. Exploiting this vulnerability can allow an attacker to enhance their privileges...

The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems arises from an operation that goes beyond buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems arises from operations that go beyond the buffer limits in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created ARF or WRF fil...

The vulnerability of the Hyper-V hardware virtualization system for Windows operating systems allows attackers to disclose sensitive information that should be protected.

The vulnerability of the Hyper-V hardware virtualization technology for Windows operating systems is related to errors in the authentication process in the guest operating system. Exploiting this vulnerability can allow an attacker to disclose sensitive information...

The vulnerability of the OLE component of the Windows operating system, related to insufficient validation of input data, allows a perpetrator to execute arbitrary code.

The vulnerability of the OLE component in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Microsoft Internet Explorer Input Validation Error Vulnerability

Microsoft Internet Explorer IE is a Web browser that comes with the Windows operating system from the American company Microsoft. An input validation error vulnerability exists in Microsoft IE 9, 10, and 11. The vulnerability originates from a network system or product that does not properly...

Exploit for Use After Free in Microsoft

CVE-2019-0708 Introduction Microsoft has released its mont...

The vulnerability of the Win32k component of the Windows operating system, which allows a hacker to execute arbitrary code in kernel mode

The vulnerability of the Win32k component of the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability allows an attacker to execute arbitrary code in kernel mode using a specially created application...

The vulnerability of the OLE Automatization component of the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the OLE Automatization component of the Windows operating system is related to a memory object handling error. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the Windows operating system’s LUAFV driver allows a hacker to execute arbitrary code.

The vulnerability of the LUAFV driver luafv.sys in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability allows an attacker to execute arbitrary code through a specially created application...

The vulnerability of the Windows Graphics Device Interface component of the Windows operating system allows attackers to compromise the confidentiality of protected information.

The vulnerability of the Windows Graphics Device Interface GDI component of the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows an attacker to compromise the confidentiality of protected information through a specially created...

The vulnerability of the DirectX component in Windows operating systems allows attackers to gain unauthorized access to protected information.

The vulnerability of the DirectX component in Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created application...

Windows Zero-Day Emerges in Active Exploits

A just-patched vulnerability in the Windows operating system that was previously unknown up until last week is being actively exploited in the wild; it opens the door for full system takeover. Discovered by Vasily Berdnikov and Boris Larin of Kaspersky Lab on St. Patrick’s Day this year, the flaw...

Microsoft Windows and Microsoft Windows Server Elevation of Privilege Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A privilege-lifting vulnerability exists in Microsoft Windows that stems from Windows'...

Microsoft Internet Explorer VBScript Engine Remote Code Execution Vulnerability

Microsoft Internet Explorer IE is a Web browser that comes with the Windows operating system from the American company Microsoft. A remote code execution vulnerability exists in Microsoft Internet Explorer VBScript Engine. An attacker could exploit this vulnerability to execute arbitrary code in...

Microsoft Windows GDI Information Disclosure Vulnerability (CNVD-2019-16752)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Windows Graphics Device Interface GDI is one of the graphic device interfaces. An...

PT-2019-1846 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to errors in object handling in memory within the Win32k component of the Windows operating system. This can allow a remote attacker to elevate their...

DEBIAN-CVE-2018-4345

A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...