216 matches found

Symantec
added 2018/11/13 12:0 a.m. | 391 views

Microsoft Internet Explorer CVE-2018-8570 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Internet Explorer 11 is vulnerable...

AI score: 0.2 | EPSS: 0.14159
Exploits: 0 | References: 1 | Affected Software: 1

Symantec
added 2018/10/09 12:0 a.m. | 176 views

Microsoft PowerPoint CVE-2018-8501 Security Bypass Vulnerability

Description Microsoft PowerPoint is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code in the context of the affected application; this may aid in launching further attacks. Technologies Affected Microso...

AI score: 0.4 | EPSS: 0.18674
Exploits: 0 | References: 1 | Affected Software: 3

OSV
added 2018/10/05 1:22 p.m. | 6 views

SUSE-SU-2018:3045-1 Security update for java-1_8_0-openjdk

This update for java-1_8_0-openjdk to the jdk8u181 icedtea 3.9.0 release fixes the following issues: These security issues were fixed: - CVE-2018-2938: Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

CVSS: 9 | AI score: 5.6 | EPSS: 0.04676
Exploits: 0 | References: 10

The Hacker News
added 2018/08/22 2:4 p.m. | 1187 views

New Apache Struts RCE Flaw Lets Hackers Take Over Web Servers

Semmle security researcher Man Yue Mo has disclosed a critical remote code execution vulnerability in the popular Apache Struts web application framework that could allow remote attackers to run malicious code on the affected servers. Apache Struts is an open source framework for developing web...

CVSS: 10 | AI score: 0.3 | EPSS: 0.99999
Exploits: 104

OSV
added 2018/08/14 4:29 p.m. | 5 views

CVE-2018-5392

mingw-w64 version 5.0.4 by default produces executables that opt in to ASLR, but are not compatible with ASLR. ASLR is an exploit mitigation technique used by modern Windows platforms. For ASLR to function, Windows executables must contain a relocations table. Despite containing the "Dynamic base...

CVSS: 7.5 | AI score: 6.6
Exploits: 0 | References: 1

UbuntuCve
added 2018/08/14 4:29 p.m. | 16 views

CVE-2018-5392

mingw-w64 version 5.0.4 by default produces executables that opt in to ASLR, but are not compatible with ASLR. ASLR is an exploit mitigation technique used by modern Windows platforms. For ASLR to function, Windows executables must contain a relocations table. Despite containing the "Dynamic base...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.01426
Exploits: 0 | References: 5

Cvelist
added 2018/08/14 4:0 p.m. | 17 views

CVE-2018-5392 mingw-w64 version 5.0.4 by default produces executables that opt in to ASLR, but are not compatible with ASLR

mingw-w64 version 5.0.4 by default produces executables that opt in to ASLR, but are not compatible with ASLR. ASLR is an exploit mitigation technique used by modern Windows platforms. For ASLR to function, Windows executables must contain a relocations table. Despite containing the "Dynamic base...

AI score: 7.6 | EPSS: 0.01426
Exploits: 0 | References: 1

CVE
added 2018/08/14 4:0 p.m. | 64 views

CVE-2018-5392

CVE-2018-5392 affects mingw-w64 5.0.4 where executables claim ASLR compatibility but lack a relocations table, despite Dynamic Base headers. This mismatch means Windows binaries produced by mingw-w64 are not ASLR-compatible; the missing relocations table enables return-oriented programming (ROP) ...

CVSS: 7.5 | AI score: 7.4 | EPSS: 0.01426
Exploits: 0 | References: 1 | Affected Software: 1

Symantec
added 2018/06/12 12:0 a.m. | 47 views

Microsoft Office CVE-2018-8245 Privilege Escalation Vulnerability

Description Microsoft Office is prone to a privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Publisher 2010 Service Pack 2 32-bit editions Microsoft Publisher 2010 Service Pack 2 64-bit editions Recommendations Run...

AI score: 0.8 | EPSS: 0.15416
Exploits: 0 | References: 1 | Affected Software: 1

The Hacker News
added 2018/05/29 9:34 a.m. | 97 views

Critical RCE Flaw Discovered in Blockchain-Based EOS Smart Contract System

Security researchers have discovered a series of new vulnerabilities in EOS blockchain platform, one of which could allow remote hackers to take complete control over the node servers running the critical blockchain-based applications. EOS is an open source smart contract platform, known as...

AI score: 0.5
Exploits: 0

exploitpack
added 2018/04/16 12:0 a.m. | 13 views

Microsoft Windows - nt!NtQueryInformationTransactionManager (TransactionManagerRecoveryInformation) Kernel Pool Memory Disclosure

Microsoft Windows - nt!NtQueryInformationTransactionManager (TransactionManagerRecoveryInformation) Kernel Pool Memory Disclosure / We have discovered that the nt!NtQueryInformationTransactionManager system call invoked with the TransactionManagerRecoveryInformation 4 information class may disclose...

AI score: 7.4
Exploits: 0

seebug.org
added 2018/03/23 12:0 a.m. | 37 views

Windows Kernel 64-bit stack memory disclosure in nt!KiDispatchException(CVE-2018-0897)

We have discovered a new Windows kernel memory disclosure vulnerability in the creation and copying of an EXCEPTION_RECORD structure to user-mode memory while passing execution to a user-mode exception handler. The vulnerability affects 64-bit versions of Windows 7 to 10. The leak was originally...

AI score: 5.5 | EPSS: 0.02435
Exploits: 5

exploitpack
added 2018/03/20 12:0 a.m. | 12 views

Microsoft Windows Kernel - NtQueryInformationThread(ThreadBasicInformation) 64-bit Stack Memory Disclosure

Microsoft Windows Kernel - NtQueryInformationThread(ThreadBasicInformation) 64-bit Stack Memory Disclosure / We have discovered that the nt!NtQueryInformationThread system call invoked with the 0 information class ThreadBasicInformation discloses portions of uninitialized kernel stack memory to...

AI score: 7.4
Exploits: 0

seebug.org
added 2018/03/07 12:0 a.m. | 171 views

Tenda AC15 Router - Unauthenticated Remote Code Execution(CVE-2018-5767)

INTRODUCTION In this post we will be presenting a pre-authenticated remote code execution vulnerability present in Tenda’s AC15 router. We start by analysing the vulnerability, before moving on to our regular pattern of exploit development – identifying problems and then fixing those in turn to...

CVSS: 7.5 | AI score: 10 | EPSS: 0.41403
Exploits: 5

0day.today
added 2018/03/05 12:0 a.m. | 35 views

Xion 1.0.125 - .m3u Local SEH-Based Unicode Venetian Exploit

Exploit for windows platform in category local exploits !/usr/bin/perl Title: Xion 1.0.125 .m3u File Local SEH-based Unicode The “Venetian” Exploit Vulnerability Type: Execute Code, Overflow UTF-16LE buffer, Memory corruption Date: Feb 18, 2018 Author: James Anderson synthetic Original Advisory:...

AI score: 0.1
Exploits: 0

Microsoft Secure
added 2018/02/21 5:0 p.m. | 48 views

How to mitigate rapid cyberattacks such as Petya and WannaCrypt

In the first blog post of this 3-part series, we introduced what rapid cyberattacks are and illustrated how rapid cyberattacks are different in terms of execution and outcome. In the second blog post, we provided some details on Petya and how it worked. In this final blog post, we will share:...

AI score: 7.2
Exploits: 0

CERT
added 2017/11/17 12:0 a.m. | 513 views

Windows 8 and later fail to properly randomize every application if system-wide mandatory ASLR is enabled via EMET or Windows Defender Exploit Guard

Overview Microsoft Windows 8 introduced a change in how system-wide mandatory ASLR is implemented. This change requires system-wide bottom-up ASLR to be enabled for mandatory ASLR to receive entropy. Tools that enable system-wide ASLR without also setting bottom-up ASLR will fail to properly...

AI score: 7
Exploits: 0 | References: 5

Microsoft Malware Protection
added 2017/10/23 1:5 p.m. | 4313 views

Windows Defender Exploit Guard: Reduce the attack surface against next-generation malware

Windows Defender Exploit Guard is a new set of intrusion prevention capabilities that ships with the Windows 10 Fall Creators Update. The four components of Windows Defender Exploit Guard are designed to lock down the device against a wide variety of attack vectors and block behaviors commonly us...

CVSS: 9.3 | AI score: 8.5 | EPSS: 0.88698
Exploits: 17

ICS
added 2017/10/10 12:0 a.m. | 89 views

JanTek JTC-200

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available. Vendor: JanTek Equipment: JTC-200 Vulnerabilities: Cross-site Request Forgery, Improper Authentication AFFECTED PRODUCTS The following versions of JTC-200, a TCP/IP converter, are affected:...

CVSS: 10 | AI score: 9.6 | EPSS: 0.02392
Exploits: 2 | References: 3

ThreatPost
added 2017/08/18 12:0 p.m. | 13 views

It's Not Exactly Open Season on the iOS Secure Enclave

The black box that is Apple’s iOS Secure Enclave may have been pried open, but that doesn’t necessarily mean it’s open season on iPhones and iPads worldwide. Yesterday’s public disclosure of the decryption key for the Secure Enclave Processor firmware does indeed allow white and black hats to pok...

AI score: 7.1
Exploits: 0 | References: 5