UBUNTU-CVE-2018-4271

Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6...

The vulnerability of the Microsoft XML Core Services MSXML on the Windows operating system allows a hacker to execute malicious code and gain control over the system.

The vulnerability of the Microsoft XML Core Services MSXML in the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability allows a malicious actor to execute malicious code remotely and gain control over the system...

The vulnerability of the comctl32.dll file in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the comctl32.dll file in the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the VBScript mechanism in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the VBScript mechanism in the Windows operating system arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page...

The vulnerability of the Microsoft XML Core Services on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft XML Core Services on the Windows operating system is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page from a remote...

The vulnerability of the Active Directory Forest catalog service for Windows operating systems allows attackers to increase their privileges.

The vulnerability of the Active Directory catalog service for Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

CVE-2018-12218

Unhandled exception in User Mode Driver in IntelR Graphics Driver for Windows before versions 10.18.x.5059 aka 15.33.x.5059, 10.18.x.5057 aka 15.36.x.5057, 20.19.x.5063 aka 15.40.x.5063 21.20.x.5064 aka 15.45.x.5064 and 24.20.100.6373 potentially enables an unprivileged user to cause a memory lea...

Microsoft Internet Explorer VBScript Engine Remote Code Execution Vulnerability

Microsoft Internet Explorer IE is a Web browser that comes with the Windows operating system from Microsoft Corporation.VBScript Engine is one of the VBScript scripting language engines. A remote code execution vulnerability exists in the way memory objects are handled in the VBScript Engine of...

Microsoft Internet Explorer VBScript Engine Remote Memory Corruption Vulnerability (CNVD-2019-10618)

Microsoft Internet Explorer IE is a Web browser that comes with the Windows operating system from Microsoft Corporation.VBScript Engine is one of the VBScript scripting language engines. A remote memory corruption vulnerability exists in the way memory objects are handled in the VBScript Engine o...

Microsoft Windows GDI Information Disclosure Vulnerability (CNVD-2019-16754)

Microsoft Windows Server and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems.Windows Graphics Device Interface GDI is one of the graphics device...

Microsoft Windows GDI Information Disclosure Vulnerability (CNVD-2019-16753)

Microsoft Windows Server and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems.Windows Graphics Device Interface GDI is one of the graphics device...

The vulnerability of the Windows GDI component of the Windows operating system, which allows a hacker to compromise sensitive information

The vulnerability of the Windows GDI component of the Windows operating system is related to errors in the memory object handling mechanisms. Exploiting this vulnerability can allow an attacker to disclose sensitive information through a specially crafted document file...

The vulnerability of Human Interface Devices’ components in the Windows operating system, which allows a intruder to disclose protected information

The vulnerability of Human Interface Devices in the Windows operating system is related to errors in the memory object handling mechanisms. Exploiting this vulnerability can allow an attacker to disclose sensitive information through a specially crafted application...

The vulnerability of the Windows GDI component of the Windows operating system, which allows a hacker to compromise sensitive information

The vulnerability of the Windows GDI component of the Windows operating system is related to errors in the memory object handling mechanisms. Exploiting this vulnerability can allow an attacker to disclose sensitive information through a specially crafted application...

Code injection

When the RSS Feed preview about:feeds page is framed within another page, it can be used in concert with scripted content for a clickjacking attack that confuses users into downloading and executing an executable file from a temporary directory. Note: This issue only affects Windows operating...

The vulnerability of Microsoft Hyper-V hardware virtualization technology in the Windows operating system allows a perpetrator to compromise the confidentiality of protected information.

The vulnerability of Microsoft Hyper-V hardware virtualization technology in the Windows operating system is related to the lack of protection for mission-critical data. Exploiting this vulnerability can allow attackers to compromise the confidentiality of protected information through a speciall...

The vulnerability of the SMBv2 component of the Windows operating system, allowing a hacker to execute arbitrary code

The vulnerability of the SMBv2 component in the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code by sending a specially crafted package to the SMBv2 server...

The vulnerability of the Windows operating system, related to insecure management of privileges, allows a perpetrator to circumvent the User Mode Code Integrity Policy (UMCI).

The vulnerability of the Windows operating system is related to the insecure management of privileges. Exploiting this vulnerability can allow an attacker to bypass the User Mode Code Integrity Policy UMCI...

The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems arises from an operation that goes beyond buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems arises from operations that go beyond the buffer limits in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted ARF or WR...

The vulnerability of the Microsoft JET Database Engine database driver on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft JET Database Engine database driver for the Windows operating system exists due to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...