Lucene search
K

241 matches found

Positive Technologies
Positive Technologies
added 2020/02/11 12:0 a.m.3 views

PT-2020-1658 · Microsoft · Chakracore +1

Name of the Vulnerable Software and Affected Versions: Microsoft Edge affected versions not specified Description: The issue is related to errors in handling objects in memory by the ChakraCore JavaScript engine. This could allow a remote attacker to execute arbitrary code, potentially gaining th...

7.6CVSS7.8AI score0.10124EPSS
Exploits0References10
BDU FSTEC
BDU FSTEC
added 2020/01/22 12:0 a.m.4 views

The vulnerability of the Windows operating system update notification dispatcher allows a hacker to escalate their privileges.

The vulnerability of the Windows operating system update notification dispatcher is related to file handling errors. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

7.8CVSS7.2AI score0.02928EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/01/20 12:0 a.m.4 views

The vulnerability of the Windows operating system’s search indexer allows a hacker to enhance their privileges.

The vulnerability of the Windows Search Indexer exists due to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

7.8CVSS7.1AI score0.00749EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/01/20 12:0 a.m.7 views

The vulnerability of the Windows operating system’s search indexer allows a hacker to enhance their privileges.

The vulnerability of the Windows Search Indexer exists due to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

7.8CVSS7.1AI score0.00749EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/12/17 12:0 a.m.6 views

The vulnerability of the RDP protocol implementation in Windows operating systems allows attackers to disclose sensitive information.

The vulnerability of the RDP protocol implementation in Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability allows a malicious actor to disclose sensitive information through a specially created application...

6.8CVSS7.1AI score0.07736EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/12/17 12:0 a.m.4 views

The vulnerability of Microsoft Word, Microsoft Office products, and Office 365 allows a perpetrator to execute arbitrary code.

The vulnerabilities of Microsoft Office packages, Office 365, and the Microsoft Word text editor are related to errors in memory object handling. Exploiting these vulnerabilities can allow a malicious actor to execute arbitrary code remotely, using a specially crafted web page or file...

10CVSS7AI score0.04643EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/12/09 12:0 a.m.6 views

The vulnerability of the Windows Data Sharing Service, a component of the Windows operating system, allows attackers to exploit their privileges.

The vulnerability of the Windows Data Sharing Service, a component of the Windows operating system, is related to errors in file handling. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

7.8CVSS7.1AI score0.00713EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/12/03 12:0 a.m.3 views

The vulnerability of the Win32k component in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Win32k component in Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5CVSS5.9AI score0.01765EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/12/03 12:0 a.m.7 views

The vulnerability of the Win32k component in Windows operating systems, allowing a hacker to execute arbitrary code

The vulnerability of the Win32k component in Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability allows an attacker to execute arbitrary code through a specially created application...

7.8CVSS7.7AI score0.01324EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2019/12/03 12:0 a.m.6 views

The vulnerability of the Windows Data Sharing Service, a component of the Windows operating system, allows attackers to exploit their privileges.

The vulnerability of the Windows Data Sharing Service, a component of the Windows operating system, is related to errors in file handling. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

7.8CVSS7.1AI score0.00713EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/11/25 12:0 a.m.4 views

The vulnerability of the executable file splwow64.exe in the Windows operating system allows a hacker to gain elevated privileges.

The vulnerability of the executable file splwow64.exe in the Windows operating system is related to errors in call handling. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.8CVSS7.1AI score0.00754EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/11/25 12:0 a.m.5 views

The vulnerability of the DirectWrite programming interface in Windows operating systems allows attackers to gain unauthorized access to protected information.

The vulnerability of the DirectWrite programming interface in Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created web page or document...

7.1CVSS5.8AI score0.0521EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/11/25 12:0 a.m.6 views

The vulnerability of the Windows Data Sharing Service, a data exchange service for the Windows operating system, allows attackers to escalate their privileges.

The vulnerability of the Windows Data Sharing Service in the Windows operating system is related to file handling errors. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...

7.8CVSS7.2AI score0.00713EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/11/19 12:0 a.m.6 views

The vulnerability of the ReadGIFImage function (coder/gif.c) in the cross-platform library for handling graphics, GraphicsMagick, and the console-based graphic editor ImageMagick, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of the ReadGIFImage function coder/gif.c in the cross-platform graphics library GraphicsMagick and the console-based graphic editor ImageMagick exists due to errors in object handling in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to...

7.8CVSS7.1AI score0.19193EPSS
Exploits4References11Affected Software4
BDU FSTEC
BDU FSTEC
added 2019/11/11 12:0 a.m.4 views

The vulnerability of the mms_ReceiveCommand function (modules/access/mms/mmstu.c) in the VideoLAN VLC media player software allows a hacker to execute arbitrary code.

The vulnerability of the mmsReceiveCommand function in the VideoLAN VLC media player’s modules/access/mms/mmstu.c file is related to integer handling errors. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

6.8CVSS5.9AI score0.11035EPSS
Exploits1References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/11/04 12:0 a.m.4 views

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser allows a hacker to execute arbitrary code.

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser is related to errors in memory object handling. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

7.6CVSS6AI score0.09703EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/10/29 12:0 a.m.5 views

The vulnerability of the VBScript script handler in Internet Explorer allows a hacker to execute arbitrary code.

The vulnerability of VBScript script handlers in Internet Explorer exists due to errors in memory object handling. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

7.1CVSS6AI score0.05478EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/10/24 12:0 a.m.4 views

The vulnerability of the Windows Code Integrity Module in operating systems allows attackers to gain unauthorized access to protected information.

The vulnerability of the Windows Code Integrity Module in operating systems relates to errors in memory object handling. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5CVSS5.5AI score0.02863EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2019/10/24 12:0 a.m.5 views

The vulnerability of Windows operating systems, related to errors in memory object handling, allows a perpetrator to trigger a system failure.

The vulnerability of Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

7.1CVSS5.5AI score0.13988EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2019/10/09 12:0 a.m.4 views

The vulnerability of the baseURI component in browsers such as Firefox ESR, Firefox, and the email client Thunderbird allows attackers to influence the integrity of protected information.

The vulnerability of the baseURI component in browsers such as Firefox ESR, Firefox, and the email client Thunderbird is related to permission handling errors. Exploiting this vulnerability can allow a malicious actor to influence the integrity of protected information from a remote location...

7.8CVSS5.5AI score0.01871EPSS
Exploits0References6Affected Software5
Rows per page
Query Builder