Lucene search
K

133 matches found

BDU FSTEC
BDU FSTEC
added 2023/03/28 12:0 a.m.6 views

The vulnerability of the McAfee Total Protection antivirus protection, related to deficiencies in access control to the registry, allows a hacker to modify the Component Object Model (COM) in the Windows registry.

The vulnerability of the McAfee Total Protection antivirus protection lies in its lack of access control for accessing the registry. Exploiting this vulnerability could allow an attacker to modify the Component Object Model COM in the Windows registry...

6.3CVSS6.6AI score0.00261EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2023/03/21 12:0 a.m.5 views

McAfee Total Protection 安全漏洞

McAfee Total Protection MTP is a suite of antivirus software from McAfee, Inc. in the United States. A security vulnerability exists in McAfee Total Protection prior to version 16.0.50, which stems from a vulnerability that allows an attacker to modify the McAfee-specific component object model i...

6.7CVSS6.6AI score0.00261EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.3 views

SUSE CVE-2013-4926

epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly determine whether there is remaining packet data to process, which allows remote attackers to cause a denial of service application crash via a crafted packet...

5CVSS7.3AI score0.02848EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/11/18 12:0 a.m.7 views

Vulnerability of the Microsoft COM component in the Windows operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Microsoft COM component in the Windows operating system is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS8AI score0.0191EPSS
Exploits0References4
OSV
OSV
added 2021/11/10 1:19 a.m.2 views

CVE-2021-42275

Microsoft COM for Windows Remote Code Execution Vulnerability...

8.8CVSS5.9AI score0.0191EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/11/10 1:19 a.m.3 views

CVE-2021-42275

Microsoft COM for Windows Remote Code Execution Vulnerability...

8.8CVSS5.9AI score0.0191EPSS
Exploits0References2Affected Software26
BDU FSTEC
BDU FSTEC
added 2021/05/26 12:0 a.m.10 views

The vulnerability of Microsoft Office packages and Microsoft Office Web Apps arises from improper code generation management, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and Microsoft Office Web Apps is related to improper code generation during the processing of COM objects. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malware file or a specially crafted...

7.8CVSS7.6AI score0.03156EPSS
Exploits0References7
OSV
OSV
added 2021/04/09 6:15 p.m.4 views

CVE-2020-13534

A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers CLSID, installed by Dream Report 5 20-2, reference LocalServer32 and InprocServer32 with weak privileges which can lead to privilege escalation when used. An attacker can provide a malicious file to trigger...

7.8CVSS7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2021/02/07 8:30 p.m.69 views

COM-Code-Helper - Two IDAPython Scripts Help You To Reconstruct Microsoft COM (Component Object Model) Code

Two IDAPython Scripts help you to reconstruct Microsoft COM Component Object Model Code Especially malware reversers will find this useful, as COM Code is still regularly found in malware. ClassAndInterfaceToNames.py This IDAPython script scans an idb file for class and interfaces UUIDs and creat...

7.6AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/10/20 12:0 a.m.4 views

The vulnerability of the Windows COM Server component of the Windows operating system, which allows attackers to escalate their privileges

The vulnerability of the Windows COM Server component of the operating system is related to errors in the processing of COM objects. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...

7.8CVSS7.2AI score0.00986EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/10/20 12:0 a.m.9 views

The vulnerability of the Windows COM Server component of the Windows operating system, which allows attackers to escalate their privileges

The vulnerability of the Windows COM Server component of the operating system is related to errors in the processing of COM objects. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...

7.8CVSS7.2AI score0.0096EPSS
Exploits0References3
OSV
OSV
added 2020/10/16 11:15 p.m.2 views

CVE-2020-16935

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit this vulnerability, an attacker would first have to log on to the system. An...

7.8CVSS7.3AI score0.00986EPSS
Exploits0References1
OSV
OSV
added 2020/10/16 11:15 p.m.2 views

CVE-2020-16916

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit this vulnerability, an attacker would first have to log on to the system. An...

7.8CVSS7.3AI score0.0096EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/10/13 12:0 a.m.2 views

PT-2020-4266 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an elevation of privilege vulnerability that exists when Windows improperly handles COM object creation. This could allow an attacker to run arbitrary code with...

7.8CVSS7.5AI score0.00986EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2020/10/13 12:0 a.m.3 views

PT-2020-4273 · Microsoft · Windows Com Server +1

Name of the Vulnerable Software and Affected Versions: Windows COM Server affected versions not specified Description: The issue is related to errors in processing COM object creation, which can allow an attacker to elevate their privileges using a specially crafted application. To exploit this, ...

7.8CVSS7.4AI score0.0096EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2020/09/22 12:0 a.m.6 views

The vulnerability of the Microsoft Component Object Model (COM) in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Component Object Model COM in Windows operating systems is related to errors in processing input data. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

10CVSS8AI score0.0453EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/09/22 12:0 a.m.5 views

The vulnerability of the Microsoft COM component in Windows operating systems, which allows a hacker to escalate their privileges

The vulnerability of the Microsoft Component Object Model COM in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created file...

7.9CVSS7.7AI score0.02747EPSS
Exploits0References2
OSV
OSV
added 2020/09/11 5:15 p.m.4 views

CVE-2020-1507

An elevation of privilege vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability, a user would have to open a specially...

7.9CVSS7.3AI score0.02747EPSS
Exploits0References1
OSV
OSV
added 2020/09/11 5:15 p.m.3 views

CVE-2020-0922

A remote code execution vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open a specially crafted...

8.8CVSS8AI score0.0453EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/09 12:0 a.m.3 views

Microsoft COM for Windows Remote Code Execution Vulnerability (CNVD-2021-01045)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Windows COM is a binary interface standard for a set of software components from Microsoft...

9.3CVSS8.4AI score0.0453EPSS
Exploits0References1
Rows per page
Query Builder