477 matches found
Microsoft Issues Updates for 96 Vulnerabilities You Need to Patch this Month
As part of June's Patch Tuesday, Microsoft has released security patches for a total of 96 security vulnerabilities across its products, including fixes for two vulnerabilities being actively exploited in the wild. This month's patch release also includes emergency patches for unsupported version...
Windows Search Information Disclosure Vulnerability
An information disclosure vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an attacker could send specially crafted SMB...
Windows Search Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full...
VulnCheck KEV: CVE-2017-8543
Microsoft Windows allows an attacker to take control of the affected system when Windows Search fails to handle objects in memory...
KLA11842 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...
CVE-2017-5873
Unquoted Windows search path vulnerability in the guest service in Unisys s-Par before 4.4.20 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe...
CVE-2016-6935
Adobe Creative Cloud Desktop on Windows is affected by CVE-2016-6935 due to an unquoted Windows search path in versions prior to 3.8.0.310, enabling local privilege escalation via a Trojan horse executable placed in the SYSTEMDRIVE root. The advisory APSB16-34 recommends updating to 3.8.0.310 to ...
The vulnerability of the Windows operating system, which allows a perpetrator to trigger a service failure
The vulnerability of the Search component in the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating locally, to cause a service failure a decrease in performance through a specially created application...
Windows Search Denial of Service Vulnerability
This vulnerability occurs when the Windows Search component fails to properly handle certain objects in memory. An attacker who successfully exploited this vulnerability could cause server performance to degrade sufficiently to cause a denial of service condition. To exploit this vulnerability, a...
CVE-2016-3230
The Search component in Microsoft Windows 7, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to cause a denial of service performance degradation via a crafted application, aka "Windows Search Component Deni...
CVE-2015-8156
Unquoted Windows search path vulnerability in EEDService in Symantec Endpoint Encryption SEE 11.x before 11.1.1 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe...
Design/Logic Flaw
Unquoted Windows search path vulnerability in the Smart Maximize Helper nvSmartMaxApp.exe in the Control Panel in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to gain privileges via a Trojan horse application, as...
Dell SonicWall NetExtender Privilege Escalation Vulnerability - Windows
Dell SonicWall NetExtender is prone to a privilege escalation vulnerability. This VT has been deprecated and replaced by the VT SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2015-4173
Dell SonicWall NetExtender is affected by CVE-2015-4173, a local privilege-escalation due to an unquoted Windows search path in the autorun value. Affected as: NetExtender before 7.5.227 and 8.0.x before 8.0.238, used with SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv. Root cause: ...
McAfee ePO Deep Command Local Elevation of Privilege Vulnerability
McAfee ePO Deep Command is an extension of McAfee's primary endpoint security management product. A security vulnerability in Client Management and Gateway handling of windows search paths in McAfee ePO Deep Command allows local users to exploit the vulnerability to elevate privileges...
Design/Logic Flaw
Multiple unquoted Windows search path vulnerabilities in the 1 Client Management and 2 Gateway in McAfee ePO Deep Command 2.1 and 2.2 before HF 1058831 allow local users to gain privileges via unspecified vectors...
CVE-2015-3987
Multiple unquoted Windows search path vulnerabilities in the 1 Client Management and 2 Gateway in McAfee ePO Deep Command 2.1 and 2.2 before HF 1058831 allow local users to gain privileges via unspecified vectors...
Foxit Reader < 7.1 Cloud Plugin Windows Search Path Vulnerability
Foxit Reader Cloud Plugin is prone to a windows search path vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Foxit Reader Cloud Plugin Non-Referenced Windows Search Path Vulnerability
Foxit Reader is China's Foxit Foxit Software Corporation of a PDF document reader. Cloud is one of the Foxit Cloud plug-ins. A non-referenced Windows search path vulnerability exists in the Foxit Cloud Safe Update Service in the Cloud plug-in for Foxit Reader versions 6.1 through 7.0.6.1126. A...
Design/Logic Flaw
Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder...