Lucene search
K

159 matches found

Microsoft CVE
Microsoft CVE
added 2020/09/08 7:0 a.m.34 views

Microsoft Graphics Component Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker...

5.5CVSS2.2AI score0.01079EPSS
Exploits0
Prion
Prion
added 2020/08/17 7:15 p.m.21 views

Information disclosure

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the...

4.3CVSS7.9AI score0.07087EPSS
Exploits0References1Affected Software5
Microsoft CVE
Microsoft CVE
added 2020/08/11 7:0 a.m.30 views

Media Foundation Information Disclosure Vulnerability

An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log onto ...

7.8CVSS1.3AI score0.03568EPSS
Exploits0
CNVD
CNVD
added 2020/07/17 12:0 a.m.3 views

Microsoft Windows Picker Platform Elevation of Privilege Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in Microsoft Windows Picker Platform, which...

7.8CVSS7.4AI score0.00736EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2020/07/14 7:0 a.m.26 views

Microsoft Graphics Component Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An authenticated attacker could exploit this...

5.5CVSS2.5AI score0.01353EPSS
Exploits0
NVD
NVD
added 2020/06/22 4:15 p.m.31 views

CVE-2020-13279

Client side code execution in gitlab-vscode-extension v2.2.0 allows attacker to execute code on user system...

8.6CVSS0.01201EPSS
Exploits0References2
OSV
OSV
added 2020/06/22 4:15 p.m.26 views

CVE-2020-13279

Client side code execution in gitlab-vscode-extension v2.2.0 allows attacker to execute code on user system...

8.6CVSS7.5AI score0.01201EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/06/18 2:21 a.m.24 views

CVE-2020-3263 Cisco Webex Meetings Desktop App URL Filtering Arbitrary Program Execution Vulnerability

A vulnerability in Cisco Webex Meetings Desktop App could allow an unauthenticated, remote attacker to execute programs on an affected end-user system. The vulnerability is due to improper validation of input that is supplied to application URLs. The attacker could exploit this vulnerability by...

7.5CVSS7.8AI score0.04117EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/10 12:0 a.m.8 views

Microsoft Windows Information Disclosure Vulnerability (CNVD-2021-27709)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An information disclosure vulnerability exists in Microsoft Windows, which arises when a...

5.5CVSS8AI score0.01214EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/10 12:0 a.m.7 views

Microsoft Windows Error Reporting Information Disclosure Vulnerability (CNVD-2021-27708)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Windows Error Reporting WER is one of the error reporting components. An information...

5.5CVSS8.1AI score0.01214EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2020/05/12 7:0 a.m.19 views

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on ...

5.5CVSS1.7AI score0.01224EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/04/14 7:0 a.m.30 views

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on ...

5.5CVSS1.7AI score0.01456EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/04/14 7:0 a.m.30 views

Win32k Information Disclosure Vulnerability

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log ...

5.5CVSS1.4AI score0.01425EPSS
Exploits0
OSV
OSV
added 2020/03/16 4:15 p.m.2 views

UBUNTU-CVE-2020-1740

A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and t...

4.7CVSS6.6AI score0.00374EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2019/11/12 8:0 a.m.24 views

DirectWrite Information Disclosure Vulnerability

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the...

6.5CVSS1.4AI score0.0521EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2019/09/10 7:0 a.m.31 views

DirectWrite Information Disclosure Vulnerability

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the...

6.5CVSS1.4AI score0.12096EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2019/06/11 7:0 a.m.28 views

Windows GDI Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could explo...

6.5CVSS1.8AI score0.04314EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2019/06/11 7:0 a.m.22 views

Windows GDI Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could explo...

6.5CVSS1.8AI score0.04314EPSS
Exploits0
Veracode
Veracode
added 2019/04/25 7:39 a.m.21 views

Symlink Attack

github.com/snapcore/snapd is vulnerable to symlink attack. A malicious current working directory can be used to bypass permission checks on a multi-user system. The vulnerability can be exploited when snap-confine changes the current working directory and attempts to restore the original working...

7.5CVSS7.2AI score0.02418EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2019/04/09 6:29 p.m.16 views

CVE-2018-19586

Silverpeas 5.15 through 6.0.2 is affected by an authenticated Directory Traversal vulnerability that can be triggered during file uploads because core/webapi/upload/FileUploadData.java mishandles a StringUtil.java call. This vulnerability enables regular users to write arbitrary files on the...

9.9CVSS7.2AI score
Exploits0References2
Rows per page
Query Builder