Lucene search
+L

477 matches found

The Hacker News
The Hacker News
added 2017/06/13 11:18 p.m.132 views

Microsoft Issues Updates for 96 Vulnerabilities You Need to Patch this Month

As part of June's Patch Tuesday, Microsoft has released security patches for a total of 96 security vulnerabilities across its products, including fixes for two vulnerabilities being actively exploited in the wild. This month's patch release also includes emergency patches for unsupported version...

10CVSS8.6AI score0.90026EPSS
Exploits25
Microsoft CVE
Microsoft CVE
added 2017/06/13 7:0 a.m.32 views

Windows Search Information Disclosure Vulnerability

An information disclosure vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an attacker could send specially crafted SMB...

6.5CVSS1.8AI score0.14265EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2017/06/13 7:0 a.m.54 views

Windows Search Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full...

10CVSS2.3AI score0.7376EPSS
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2017/06/13 12:0 a.m.3 views

VulnCheck KEV: CVE-2017-8543

Microsoft Windows allows an attacker to take control of the affected system when Windows Search fails to handle objects in memory...

10CVSS6.9AI score0.7376EPSS
Exploits0References1
Kaspersky
Kaspersky
added 2017/06/13 12:0 a.m.90 views

KLA11842 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...

10CVSS9AI score0.90026EPSS
Exploits93References88
Cvelist
Cvelist
added 2017/04/11 3:0 p.m.22 views

CVE-2017-5873

Unquoted Windows search path vulnerability in the guest service in Unisys s-Par before 4.4.20 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe...

7.2AI score0.00412EPSS
Exploits1References1
CVE
CVE
added 2016/10/13 7:0 p.m.1100 views

CVE-2016-6935

Adobe Creative Cloud Desktop on Windows is affected by CVE-2016-6935 due to an unquoted Windows search path in versions prior to 3.8.0.310, enabling local privilege escalation via a Trojan horse executable placed in the SYSTEMDRIVE root. The advisory APSB16-34 recommends updating to 3.8.0.310 to ...

7.8CVSS7.6AI score0.00768EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/04 12:0 a.m.9 views

The vulnerability of the Windows operating system, which allows a perpetrator to trigger a service failure

The vulnerability of the Search component in the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating locally, to cause a service failure a decrease in performance through a specially created application...

1.9CVSS6.1AI score0.02718EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2016/06/16 7:0 a.m.26 views

Windows Search Denial of Service Vulnerability

This vulnerability occurs when the Windows Search component fails to properly handle certain objects in memory. An attacker who successfully exploited this vulnerability could cause server performance to degrade sufficiently to cause a denial of service condition. To exploit this vulnerability, a...

5CVSS5.1AI score0.02718EPSS
Exploits0
OSV
OSV
added 2016/06/16 1:59 a.m.1 views

CVE-2016-3230

The Search component in Microsoft Windows 7, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to cause a denial of service performance degradation via a crafted application, aka "Windows Search Component Deni...

5CVSS5.8AI score0.02718EPSS
Exploits0References2
Cvelist
Cvelist
added 2016/05/14 1:0 a.m.33 views

CVE-2015-8156

Unquoted Windows search path vulnerability in EEDService in Symantec Endpoint Encryption SEE 11.x before 11.1.1 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe...

7.7AI score0.00292EPSS
Exploits0References2
Prion
Prion
added 2015/11/24 8:59 p.m.25 views

Design/Logic Flaw

Unquoted Windows search path vulnerability in the Smart Maximize Helper nvSmartMaxApp.exe in the Control Panel in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to gain privileges via a Trojan horse application, as...

7.2CVSS6.9AI score0.00465EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.23 views

Dell SonicWall NetExtender Privilege Escalation Vulnerability - Windows

Dell SonicWall NetExtender is prone to a privilege escalation vulnerability. This VT has been deprecated and replaced by the VT SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

6.9CVSS9.7AI score0.02066EPSS
Exploits0References1
CVE
CVE
added 2015/08/26 7:0 p.m.55 views

CVE-2015-4173

Dell SonicWall NetExtender is affected by CVE-2015-4173, a local privilege-escalation due to an unquoted Windows search path in the autorun value. Affected as: NetExtender before 7.5.227 and 8.0.x before 8.0.238, used with SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv. Root cause: ...

6.9CVSS8.7AI score0.02066EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2015/05/19 12:0 a.m.7 views

McAfee ePO Deep Command Local Elevation of Privilege Vulnerability

McAfee ePO Deep Command is an extension of McAfee's primary endpoint security management product. A security vulnerability in Client Management and Gateway handling of windows search paths in McAfee ePO Deep Command allows local users to exploit the vulnerability to elevate privileges...

7.2CVSS6.7AI score0.00472EPSS
Exploits0References1
Prion
Prion
added 2015/05/14 2:59 p.m.20 views

Design/Logic Flaw

Multiple unquoted Windows search path vulnerabilities in the 1 Client Management and 2 Gateway in McAfee ePO Deep Command 2.1 and 2.2 before HF 1058831 allow local users to gain privileges via unspecified vectors...

7.2CVSS7.4AI score0.00472EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/05/14 2:0 p.m.22 views

CVE-2015-3987

Multiple unquoted Windows search path vulnerabilities in the 1 Client Management and 2 Gateway in McAfee ePO Deep Command 2.1 and 2.2 before HF 1058831 allow local users to gain privileges via unspecified vectors...

9.3AI score0.00472EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/04/07 12:0 a.m.34 views

Foxit Reader < 7.1 Cloud Plugin Windows Search Path Vulnerability

Foxit Reader Cloud Plugin is prone to a windows search path vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.4CVSS8.5AI score0.03192EPSS
Exploits2References2
CNVD
CNVD
added 2015/03/31 12:0 a.m.3 views

Foxit Reader Cloud Plugin Non-Referenced Windows Search Path Vulnerability

Foxit Reader is China's Foxit Foxit Software Corporation of a PDF document reader. Cloud is one of the Foxit Cloud plug-ins. A non-referenced Windows search path vulnerability exists in the Foxit Cloud Safe Update Service in the Cloud plug-in for Foxit Reader versions 6.1 through 7.0.6.1126. A...

4.4CVSS7AI score0.03192EPSS
Exploits2References1
Prion
Prion
added 2015/03/30 2:59 p.m.24 views

Design/Logic Flaw

Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder...

4.4CVSS7AI score0.03192EPSS
Exploits2References6Affected Software1
Rows per page
Query Builder