CVE-2019-15348

The Tecno Camon Android device with a build fingerprint of TECNO/H612/TECNO-ID5a:8.1.0/O11019/F-180828V106:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service named...

October 2, 2018, update for Office 2016 (KB4011669)

October 2, 2018, update for Office 2016 KB4011669 This article describes update 4011669 for Microsoft Office 2016 that was released on October 2, 2018. This update has a prerequisite.Be aware that the update on the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of...

CVE-2019-14822

A flaw was discovered in ibus that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface...

UBUNTU-CVE-2019-14822

A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is usi...

Windows Text Service Framework Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows Text Service Framework TSF when the TSF server process does not validate the source of input or commands it receives. An attacker who successfully exploited this vulnerability could inject commands or read input sent through a malicious...

KB4516044: Windows 10 Version 1607 and Windows Server 2016 September 2019 Security Update

The remote Windows host is missing security update 4516044. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Windows Text Service Framework TSF when the TSF server process does not validate the source of input or commands it receives. An...

Sogou Input Method Exe Hijacking Vulnerability

Sogou Input Method is a Chinese character input method tool. Sogou Input Method suffers from an exe hijacking vulnerability, which can be exploited by attackers to run malicious files during update checks...

April 25, 2019—KB4493443 (Preview of Monthly Rollup)

April 25, 2019—KB4493443 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4493446 released April 9, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an iss...

Update for Windows Server 2008 SP2: April 25, 2019

Update for Windows Server 2008 SP2: April 25, 2019 Summary This update includes the quality improvements from KB4493458, in addition to new Japanese Era related changes. Key changes include: Updates the NLS registry to support the new Japanese Era. Addresses an issue that causes the Date and Time...

April 25, 2019—KB4493460 (Preview of Monthly Rollup)

April 25, 2019—KB4493460 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4493471released April 9, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an issu...

May 14, 2019—KB4499151 (Monthly Rollup)

May 14, 2019—KB4499151 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4493443 released April 25, 2019 and addresses the following issues: Provides protections against a new subclass of speculative execution side-channel...

April 25, 2019—KB4498375 (OS Build 10240.18187)

April 25, 2019—KB4498375 OS Build 10240.18187 Improvements and fixes This update includes quality improvements. Key changes include: Addresses an issue that prevents an input method editor IME from supporting the new Japanese Era character. Updates the NLS registry to support the new Japanese Era...

CVE-2018-15007

The Sky Elite 6.0L+ Android device with a build fingerprint of SKY/x6069trxl601sky/x6069trxl601sky:6.0/MRA58K/1482897127:user/release-keys contains a pre-installed platform app with a package name of com.fw.upgrade.sysoper versionCode=238, versionName=2.3.8 that contains an exported broadcast...

CVE-2018-7925

The radio module of some Huawei smartphones Emily-AL00A The versions before 8.1.0.171C00 have a lock-screen bypass vulnerability. An unauthenticated attacker could start third-part input method APP through certain operations to bypass lock-screen by exploit this vulnerability...

Huawei Emily-AL00A cell phone lock screen bypass vulnerability

Emily-AL00A is a smartphone launched by Huawei. A lock screen bypass vulnerability exists in the radio module of the Huawei Emily-AL00A phone. An unauthenticated attacker can exploit this vulnerability to bypass the lock screen and launch a third-party input method installed on the phone via...

Security Advisory - Lock-screen Bypass Vulnerability in Huawei Smartphones

There is a lock-screen bypass vulnerability in radio module of some Huawei smartphones. An unauthenticated attacker could start third-part input method APP through certain operations to bypass lock-screen by exploit this vulnerability. Vulnerability ID: HWPSIRT-2018-04055 This vulnerability has...

CVE-2018-18398

Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV. This could potentially be exploited by an arbitrary local user who creates files in /tmp before the victim uses this input method...

July 12, 2016 — KB3163912 (OS Build 10240.17024)

July 12, 2016 — KB3163912 OS Build 10240.17024 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer 11, Windows Explorer, and Windows Update. Fixed issue i...

November 8, 2016 — KB3198585 (OS Build 10240.17190)

November 8, 2016 — KB3198585 OS Build 10240.17190 This update includes quality improvements and security updates. No new operating system features are being introduced in this update. Key changes include: Addressed issue to update the Access Point Name APN database. Addressed issue with deadlocks...

July 31, 2017—KB4032188 (OS Build 15063.502)

July 31, 2017—KB4032188 OS Build 15063.502 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue that causes a Microsoft Installer MSI application to fail for standard non-admin...