8704 matches found
Windows Kernel Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have t...
Windows Kernel Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...
Windows Kernel Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...
Windows Kernel Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...
Windows Kernel Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...
Windows Kernel Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...
Windows kernel information disclosure vulnerability: June 13, 2017
Windows kernel information disclosure vulnerability: June 13, 2017 Summary An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attack...
Windows Kernel Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...
Windows Kernel Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...
Windows Kernel Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...
Cisco TelePresence Endpoint Denial of Service Vulnerability
Cisco TelePresence is a Cisco TelePresence solution. A security vulnerability in the session initialization protocol of the Cisco TelePresence Codec TC and Collaboration Endpoint CE software can be exploited by an attacker to cause an unintended reload of an affected endpoint, resulting in a deni...
CVE-2017-6178: from patch contrast-to-Exploit-vulnerability warning-the black bar safety net
Some time ago in the EDB poking around, saw a driver of a kernel Vulnerability, CVE-2017-6178, like me in learning the Kernel PWN the newbie Natural is not missed:, after debugging analysis after feeling learned a few things, so come and share with everyone. USBPcap is a USB packet capture tool,...
Initialization Vector Reuse
pysaml2 reuses initialization vectors for AES encryption. This may leak information about encrypted data to attackers...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2017-629)
This update for java-170-openjdk fixes the following issues : - Update to 2.6.10 - OpenJDK 7u141 bsc1034849 - Security fixes - S8163520, CVE-2017-3509: Reuse cache entries - S8163528, CVE-2017-3511: Better library loading - S8165626, CVE-2017-3512: Improved window framing - S8167110, CVE-2017-351...
Security fix for the ALT Linux 7 package samba-DC version 4.5.10-alt1.M70P.1
4.5.10-alt1.M70P.1 built May 25, 2017 Evgeny Sinelnikov in task 183302 May 24, 2017 Evgeny Sinelnikov - Update to second spring security release - Fix longtime initialization bug in ldb proxy - Security fixes: + CVE-2017-7494 Remote code execution from a writable share...
ImageMagick Information Disclosure Vulnerability (CNVD-2017-07513)
ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. An information disclosure vulnerability exists in versions of ImageMagick prior to 7.0.5-2, which stems from the failu...
CVE-2017-9098
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image da...
(Pwn2Own) Apple macOS AppleMultitouchDevice Uninitialized Memory Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...
SUSE-SU-2017:1313-1 Security update for libxslt
This update for libxslt fixes the following issues: - CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page bsc1035905. -...
SUSE-SU-2017:1282-1 Security update for libxslt
This update for libxslt fixes the following issues: - CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page bsc1035905. -...