Vulnerability of JavaScript handlers in Microsoft Edge and Internet Explorer browsers of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of Microsoft Edge and Internet Explorer JavaScript handlers arises from an operation going beyond the buffer boundaries due to a memory object processing error. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the current user...

The vulnerability of JavaScript handlers in the Microsoft Edge browser for the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of Microsoft Edge’s JavaScript handlers arises from an operation going beyond the buffer boundaries due to a memory object processing error. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the current user...

Microsoft Windows Elevation of Privilege Vulnerability (CNVD-2017-15098)

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the United States. win32k is the kernel part of the Windows subsystem, a kernel-mode device driver, which contains a window manager, a background control window, and screen output management. A privilege alert...

Microsoft Windows Win32k Elevation of Privilege Vulnerability (CNVD-2017-16984)

Microsoft Windows is a family of operating systems released by Microsoft Corporation in the U.S. Win32k is the 32-bit environment of its operating system. An elevation of privilege vulnerability exists in Win32k in Microsoft Windows, which stems from a failure of the Graphics component to properl...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows operating system is related to improper access to files in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Microsoft Windows - 'win32k!NtGdiExtGetObjectW' Kernel Stack Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1178 We have discovered that it is possible to disclose portions of uninitialized kernel stack memory in Windows 7-10 through the win32k!NtGdiExtGetObjectW system call accessible via a documented GetObject API function to user-mo...

CVE-2017-8476

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka...

CVE-2017-8488

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka...

Microsoft Windows LNK File Remote Code Execution Vulnerability

Microsoft Windows is a family of operating systems released by Microsoft Corporation in the United States. lnk files are a type of file used to point to other files. A remote code execution vulnerability exists in Microsoft Windows LNK files. A malicious binary file containing a malicious LNK fil...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted image...

The vulnerability of the Microsoft Server Message Block 1.0 (SMBv1) network protocol on the Windows operating system, which allows a hacker to cause a service failure.

The vulnerability of the Microsoft Server Message Block 1.0 SMBv1 protocol in the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending specially crafted requests remotely...

Microsoft Malware Protection Engine Denial of Service Vulnerability (CNVD-2017-09502)

Microsoft Windows is a series of operating systems released by Microsoft, Microsoft Forefront is a set of enterprise-oriented server security features applied to it.Microsoft Defender is an antivirus software applied to it. A denial of service vulnerability exists in Microsoft Forefront and...

The vulnerability of the Hyper-V Network Switch component of the Windows operating system allows a hacker to bypass the certification verification.

The vulnerability of the Hyper-V Network Switch component of the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to bypass certificate verification...

CVE-2017-0272

The Microsoft Server Message Block 1.0 SMBv1 server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it...

CVE-2017-0077

The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow a local authenticated attacker to execute a specially crafted application to obtain...

Memory corruption

All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes the software to halt or not start when trying to open the corrupted file. This vulnerability occurs...

The vulnerability of the SMBv1 protocol in the Microsoft Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the SMBv1 protocol in Microsoft Windows exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted packets...

The vulnerability of the Windows operating system and the Microsoft Office software package allows a perpetrator to execute arbitrary code.

The vulnerability of the Windows operating system and the Microsoft Office suite is related to access control deficiencies. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted document...

Microsoft Windows LDAP Remote Elevation of Privilege Vulnerability

Microsoft Windows is the popular computer operating system. Microsoft Windows fails to correctly calculate the LDAP request buffer length is implemented with an elevation of privilege vulnerability that can be exploited by an attacker to send malicious traffic to a domain controller to elevate...

CVE-2017-0191

A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system...