Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

Microsoft Windows Cursor Elevation of Privilege (CVE-2017-8466)

An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is caused when Windows fails to properly handle objects in memory. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted executable file...

KLA11049 Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and spoof user interface. Below is a complete list of vulnerabilities: 1. An improper validating of input before loading...

VulnCheck KEV: CVE-2017-8543

Microsoft Windows allows an attacker to take control of the affected system when Windows Search fails to handle objects in memory...

The vulnerability of the Internet Explorer browser, which allows a violator to trigger memory corruption

The vulnerability of the Internet Explorer browser is related to improper access to objects in memory. Exploiting this vulnerability can allow a remote attacker to cause memory corruption...

Microsoft Chakra Core Remote Code Execution Vulnerability

Chakra is a JavaScript engine developed by Microsoft for its web browsers. A security vulnerability in the way the JavaScript engine is rendered when handling in-memory objects in Microsoft Chakra Core could be exploited by remote attackers to construct malicious web pages that could be parsed by...

Microsoft Edge Remote Code Execution Vulnerability

Microsoft Edge is the web browser built into the Windows 10 version. A remote code execution vulnerability exists in the scripting engine presentation when Microsoft Edge handles in-memory objects, where an attacker could execute arbitrary code in the current user context...

Microsoft Windows Kernel 'Win32k.sys' local elevation of privilege vulnerability (CNVD-2017-06619)

Microsoft Windows is the popular computer operating system. A local elevation of privilege vulnerability in the Windows Kernel's handling of memory objects exists in some versions of Windows, which when successfully exploited allows an attacker to run arbitrary code in kernel mode...

Microsoft DirectX Graphics Kernel Local Elevation of Privilege Vulnerability

Microsoft Windows is the popular computer operating system. A local elevation of privilege vulnerability exists in the implementation of Microsoft Windows when memory objects are not handled correctly, which could allow a local attacker to take control of the affected system via a constructed...

Microsoft Windows Kernel Local Information Disclosure Vulnerability (CNVD-2017-06610)

Microsoft Windows is the popular computer operating system. The Windows kernel does not properly handle memory objects and is implemented with a local information disclosure vulnerability that, when successfully exploited, allows an attacker to obtain sensitive information...

Microsoft Windows Kernel Local Elevation of Privilege Vulnerability (CNVD-2017-06616)

Microsoft Windows is the popular computer operating system. A local elevation of privilege vulnerability in the Windows Kernel's handling of memory objects exists in some versions of Windows, which when successfully exploited, could allow an attacker to execute arbitrary code and denial of servic...

Microsoft Windows 'Tcpip.sys' Information Disclosure Vulnerability (KB4018885)

This host is missing an important security update according to Microsoft KB4018885. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

Win32k Information Disclosure Vulnerability

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an attacker would have to eithe...

Microsoft Edge Memory Corruption (CVE-2017-0221)

A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to a memory corruption when handling of objects in memory. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Microsoft Edge allowing...

VulnCheck KEV: CVE-2017-0222

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory...

Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3053)

An information disclosure vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted JPEG...

Microsoft Office Memory Corruption Vulnerability (CNVD-2017-05362)

Microsoft Office is a suite of office software based on the Windows operating system developed by Microsoft. An information disclosure vulnerability exists in the Office software that does not properly handle memory objects, which can be exploited by an attacker to obtain memory information...

Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2017-05767)

Microsoft Edge is the web browser built into the Windows 10 version. A memory corruption vulnerability vulnerability exists in the implementation when Microsoft Edge does not properly handle memory objects, which can be exploited by an attacker to execute arbitrary code and corrupt memory...