Lucene search
K

218 matches found

Cvelist
Cvelist
added 2020/06/04 4:22 p.m.26 views

CVE-2018-21243

An issue was discovered in Foxit PhantomPDF before 8.3.6. It has COM object mishandling when Microsoft Word is used...

6.5AI score0.009EPSS
Exploits0References1
CVE
CVE
added 2020/06/04 4:22 p.m.53 views

CVE-2018-21243

Foxit PhantomPDF vulnerable prior to 8.3.6 due to COM object mishandling when Microsoft Word is used. The issue affects PhantomPDF

6.5CVSS6.4AI score0.009EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/02/11 10:15 p.m.34 views

CVE-2020-0685

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'...

7.8CVSS8.2AI score0.00914EPSS
Exploits0References1
Prion
Prion
added 2020/02/11 10:15 p.m.16 views

Privilege escalation

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'...

7.2CVSS7.8AI score0.00914EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2020/02/11 9:22 p.m.29 views

CVE-2020-0685

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'...

8.2AI score0.00914EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2020/01/15 12:0 a.m.36 views

Microsoft Office Graph Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Graph COM...

7.8CVSS3.9AI score0.16962EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2019/12/11 12:0 a.m.55 views

Microsoft Windows Multiple Vulnerabilities (KB4530734)

This host is missing a critical security update according to Microsoft KB4530734 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

9.3CVSS6.8AI score0.74438EPSS
Exploits10References3
NVD
NVD
added 2019/12/10 10:15 p.m.18 views

CVE-2019-1478

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'...

7.8CVSS7.7AI score0.00827EPSS
Exploits0References1
Prion
Prion
added 2019/12/10 10:15 p.m.19 views

Privilege escalation

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'...

7.2CVSS7.8AI score0.00827EPSS
Exploits0References1Affected Software2
Tenable Nessus
Tenable Nessus
added 2019/12/10 12:0 a.m.221 views

KB4530692: Windows 7 and Windows Server 2008 R2 December 2019 Security Update

The remote Windows host is missing security update 4530692 or cumulative update 4530734. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the...

9.3CVSS8.1AI score0.74438EPSS
Exploits10References15
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.358 views

Microsoft Windows - Escalate UAC Protection Bypass (Via dot net profiler) (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Escalate UAC Protection Bypass Via dot net profiler', 'Description' = %q Microsoft Windows allows for the automatic loading of a profilin...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2019/11/19 12:0 a.m.269 views

Windows Escalate UAC Protection Bypass Via Dot Net Profiler

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Escalate UAC Protection Bypass Via dot net profiler', 'Description' = %q Microsoft Windows allows for the automatic loading of a profilin...

0.5AI score
Exploits0
OpenVAS
OpenVAS
added 2019/11/13 12:0 a.m.53 views

Microsoft Windows Multiple Vulnerabilities (KB4523205)

This host is missing a critical security update according to Microsoft KB4523205 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

9.9CVSS7.1AI score0.75859EPSS
Exploits36References3
OpenVAS
OpenVAS
added 2019/11/13 12:0 a.m.54 views

Microsoft Windows Multiple Vulnerabilities (KB4525237)

This host is missing a critical security update according to Microsoft KB4525237 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

9.9CVSS7.1AI score0.75859EPSS
Exploits36References3
Vulnrichment
Vulnrichment
added 2019/11/12 6:53 p.m.13 views

CVE-2019-1405

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play UPnP service improperly allows COM object creation, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'...

6.9AI score0.2995EPSS
Exploits24References2
Positive Technologies
Positive Technologies
added 2019/11/12 12:0 a.m.6 views

PT-2019-3921 · Microsoft · Windows Universal Plug/Play (Upnp) Service +1

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Universal Plug and Play UPnP Service affected versions not specified Description: An elevation of privilege issue exists due to the improper allowance of COM object creation by the Windows Universal Plug and Play UPnP servic...

7.8CVSS8AI score0.2995EPSS
Exploits24References30
Microsoft Secure
Microsoft Secure
added 2019/07/01 4:25 p.m.52 views

Delivering major enhancements in Windows Defender Application Control with the Windows 10 May 2019 Update

With the Windows 10 May 2019 Update we delivered several important features for Windows Defender Application Control WDAC, which was originally introduced to Windows as part of a scenario called Device Guard. WDAC works in conjunction with features like Windows Defender Application Guard, which...

7.5AI score
Exploits0
FireEye
FireEye
added 2019/06/11 3:15 p.m.86 views

Hunting COM Objects (Part Two)

Background As a follow up to Part One in this blog series on COM object hunting, this post will talk about taking the COM object hunting methodology deeper by looking at interesting COM object methods exposed in properties and sub-properties of COM objects. What is a COM Object? According to...

0.7AI score
Exploits0References7
exploitpack
exploitpack
added 2019/01/16 12:0 a.m.27 views

Microsoft Windows 10 - RestrictedErrorInfo Unmarshal Section Handle Use-After-Free

Microsoft Windows 10 - RestrictedErrorInfo Unmarshal Section Handle Use-After-Free Windows: RestrictedErrorInfo Unmarshal Section Handle UAF EoP Platform: Windows 10 1709/1809 Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The WinRT...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/01/15 12:0 a.m.56 views

Microsoft Windows 10 - Browser Broker Cross Session Privilege Escalation Exploit

Exploit for windows platform in category local exploits Windows: Browser Broker Cross Session EoP Platform: Windows 10 1803 not tested anything else. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: Session Boundary Summary: The Browser Broker COM object...

6.8CVSS8.5AI score0.18617EPSS
Exploits2
Rows per page
Query Builder