524 matches found
CVE-2018-1000006
GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user click...
Design/Logic Flaw
GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user click...
CVE-2018-1000006
The CVE-2018-1000006 entry concerns GitHub Electron. Affected Electron versions include 1.8.2-beta.3 and earlier, 1.7.10 and earlier, and 1.6.15 and earlier. The vulnerability lies in the protocol handler: Electron apps on Windows (10/7/2008) that register custom protocol handlers can be tricked ...
CVE-2018-1000006
GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user click...
Skype, Slack and Other Popular Windows Apps Vulnerable to Critical Framework Bug
UPDATE Hundreds of software applications built using the developer framework called Electron may be vulnerable to a remote code execution flaw, according to developers of the framework. Impacted are dozens of popular Windows applications such as Microsoft’s Skype for Windows and Slack. Earlier th...
Remote Code Execution
Overview Affected versions of electron may be susceptible to a remote code execution flaw when certain conditions are met: 1. The electron application is running on Windows. 2. The electron application registers as the default handler for a protocol, such as nodeapp://. This vulnerability is caus...
Remote Code Execution in electron
Affected versions of electron may be susceptible to a remote code execution flaw when certain conditions are met: 1. The electron application is running on Windows. 2. The electron application registers as the default handler for a protocol, such as nodeapp://. This vulnerability is caused by a...
PT-2018-9198 · Microsoft +2 · Windows 2008 +4
Name of the Vulnerable Software and Affected Versions: GitHub Electron versions 1.8.2-beta.3 and earlier GitHub Electron versions 1.7.10 and earlier GitHub Electron versions 1.6.15 and earlier Description: The issue is related to a vulnerability in the protocol handler of Electron apps running on...
Microsoft Windows Multiple Vulnerabilities (KB4053578)
This host is missing a critical security update according to Microsoft KB4053578 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows Multiple Vulnerabilities (KB4054519)
This host is missing a critical security update according to Microsoft KB4054519 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-11927
Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow an information vulnerability due to the way the Windows its:// protocol handler determines...
CVE-2017-11927
Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow an information vulnerability due to the way the Windows its:// protocol handler determines...
Information disclosure
Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow an information vulnerability due to the way the Windows its:// protocol handler determines...
Windows 8.1 and Windows Server 2012 R2 December 2017 Security Updates
The remote Windows host is missing security update 4054522 or cumulative update 4054519. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers. An attacke...
KB4053578: Windows 10 Version 1511 December 2017 Security Update
The remote Windows host is missing security update 4053578. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a wa...
Windows Server 2012 December 2017 Security Updates
The remote Windows host is missing security update 4054523 or cumulative update 4054520. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in RPC if the server has Routing and Remote Access enabled. An attacker who successfully exploited this...
Windows 7 and Windows Server 2008 R2 December 2017 Security Updates
The remote Windows host is missing security update 4054521 or cumulative update 4054518. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers. An attacke...
KB4053580: Windows 10 Version 1703 December 2017 Security Update
The remote Windows host is missing security update 4053580. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a wa...
CVE-2017-11480
Packetbeat (Elastic Beats) contains a denial-of-service flaw in the PostgreSQL protocol handler. In affected versions prior to 5.6.4 (and mentions of 6.0.0 in some advisories), an attacker that can send arbitrary network traffic to a monitored PostgreSQL port could cause Packetbeat to fail loggin...
Description of the security update for the information disclosure vulnerability in Windows Server 2008: December 12, 2017
Description of the security update for the information disclosure vulnerability in Windows Server 2008: December 12, 2017 Summary An information disclosure vulnerability exists when the Windows its:// protocol handler unnecessarily sends traffic to a remote site to determine the zone of a provide...