3832 matches found
CVE-2018-10320
CVE-2018-10320 affects Frog CMS 0.9.5 with a stored/reflected XSS via the admin/?/layout/edit layout[name] parameter (Edit Layout). The CNVD entry and NVD description confirm a cross-site scripting vulnerability in Frog CMS 0.9.5, exploitable remotely by crafting the name input to inject script. ...
Frog CMS Cross-Site Scripting Vulnerability (CNVD-2018-08554)
Frog CMS is a content management system CMS developed by software developer Philippe Archambault. The system provides tools for page templates, user rights management, and document management. A cross-site scripting vulnerability exists in Frog CMS version 0.9.5. A remote attacker can exploit the...
Foxit Reader XFA layout sheet Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...
Foxit Reader XFA layout Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Product update: Virtuozzo 7.0 Update 7 Hotfix 1 (7.0.7-445)
The Hotfix 1 for Virtuozzo 7.0 Update 7 provides stability and usability bug fixes. Vulnerability id: PSBM-82558 Container migration could sometimes fail due to a CRIU issue. Vulnerability id: PSBM-82711 'prlctl qemu-update' could fail due to unnamed dirty bitmaps. This could result in backups no...
CVE-2018-0971
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization ASLR bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server...
CVE-2018-0974
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization ASLR bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server...
CVE-2018-0969
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization ASLR bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server...
CVE-2018-0972
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization ASLR bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server...
CVE-2018-0975
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization ASLR bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server...
Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08569)
Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...
Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08570)
Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...
Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08571)
Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...
Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08334)
Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...
Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08800)
Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...
Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08801)
Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...
kernel: Missing permission check in move_pages system call
The movepages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable allowing mitigation of ASLR...
kernel: Missing permission check in move_pages system call
The movepages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable allowing mitigation of ASLR...
kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass
The acpismbushcadd function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call...
Windows Kernel Information Disclosure Vulnerability
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization ASLR bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a...