Lucene search
K

44 matches found

Positive Technologies
Positive Technologies
added 2019/12/02 12:0 a.m.7 views

PT-2019-15818 · Teamviewer · Teamviewer

Name of the Vulnerable Software and Affected Versions: TeamViewer desktop application version 14.3.4730 Description: An issue in the Chat functionality of the TeamViewer desktop application on Windows allows every communication to be saved within Windows main memory upon login. When a user logs o...

6.5CVSS4.6AI score0.02079EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2019/10/03 12:0 a.m.4 views

The vulnerability of the DirectWrite programming interface in Windows operating systems allows attackers to disclose sensitive information.

The vulnerability of the DirectWrite programming interface in Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information through a specially crafted document or web page...

7.8CVSS5.5AI score0.12096EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2019/08/30 12:0 a.m.5 views

The vulnerability of the PsmServiceExtHost.dll library in the Windows operating system allows a hacker to elevate their privileges and execute arbitrary code.

The vulnerability of the PsmServiceExtHost.dll library in the Windows operating system is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code through a specially created application...

7CVSS5.9AI score0.00742EPSS
Exploits0References2
OSV
OSV
added 2019/08/14 9:15 p.m.3 views

CVE-2019-0716

A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a...

5.8CVSS6.8AI score0.04415EPSS
Exploits0References1
OSV
OSV
added 2019/06/28 8:42 a.m.5 views

OPENSUSE-SU-2019:1664-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird was updated to 60.7.2 / MFSA 2019-20 boo1138872: CVE-2019-11707: Type confusion in Array.pop CVE-2019-11708: sandbox escape using Prompt:Open Mozilla Thunderbird was updated to 60.7.1 / MFSA 2019-17 boo1137595:...

10CVSS8.7AI score0.55874EPSS
Exploits32References28
BDU FSTEC
BDU FSTEC
added 2019/04/19 12:0 a.m.4 views

The vulnerability of the Win32k component of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Win32k component of the Windows operating system is related to errors in memory object handling. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...

7.8CVSS7.7AI score0.4523EPSS
Exploits26References2
ATTACKERKB
ATTACKERKB
added 2019/04/09 12:0 a.m.50 views

CVE-2019-0685

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-0803, CVE-2019-0859. Recent assessments: Assessed Attacker Value: 0 Assessed...

7.8CVSS8.4AI score0.4523EPSS
In wildExploits28References2
Kitploit
Kitploit
added 2019/04/08 12:43 p.m.182 views

Beagle - An Incident Response And Digital Forensics Tool Which Transforms Security Logs And Data Into Graphs

Beagle is an incident response and digital forensics tool which transforms data sources and logs into graphs. Supported data sources include FireEye HX Triages, Windows EVTX files, SysMon logs and Raw Windows memory images. The resulting Graphs can be sent to graph databases such as Neo4J or...

6.6AI score
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2019/01/18 12:0 a.m.6 views

The vulnerability of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the Windows Jet Database Engine component of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

7.8CVSS7.9AI score0.20505EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2019/01/15 12:0 a.m.6 views

The vulnerability of the software interfaces of DirectX applications for the Windows operating system arises from errors in the memory object handling mechanisms. This vulnerability allows attackers to access confidential information.

The vulnerability of the software interfaces of DirectX applications for the Windows operating system is related to errors in the memory object handling mechanisms. Exploiting this vulnerability can allow an attacker to access confidential information through a specially crafted application...

5.5CVSS6.7AI score0.01682EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2018/12/28 12:0 a.m.8 views

The vulnerability of the Windows operating system, related to errors in memory object handling, allows an intruder to disclose protected information.

The vulnerability of the DirectX driver for the Windows operating system is related to object handling errors in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information through a specially created application...

4.7CVSS6.2AI score0.01819EPSS
Exploits0References4
OSV
OSV
added 2018/05/09 7:29 p.m.3 views

CVE-2018-8136

A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka "Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows...

7.8CVSS7.7AI score0.21882EPSS
Exploits0References3
OSV
OSV
added 2018/04/12 1:29 a.m.3 views

CVE-2018-8116

A denial of service vulnerability exists in the way that Windows handles objects in memory, aka "Microsoft Graphics Component Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 201...

5.5CVSS5.8AI score0.01428EPSS
Exploits0References3
CNVD
CNVD
added 2017/08/09 12:0 a.m.4 views

Microsoft Windows Edge JavaScript Engine Remote Code Execution Vulnerability (CNVD-2017-20500)

Microsoft Windows 10 and Windows Server 2016 are both products of the American company Microsoft. The former is a set of operating systems for personal computers and the latter is a set of server operating systems.Edge is one of the default browsers that comes with the system.JavaScript engines i...

7.6CVSS8.3AI score0.69277EPSS
Exploits3References1
OSV
OSV
added 2017/06/15 1:29 a.m.6 views

CVE-2017-8494

Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a locally-authenticated attacker to run a specially crafted application on a targeted system when Windows Secure Kernel Mode fails to properly handle objects in memory, aka "Windows Elevation of Privilege Vulnerability...

7.3CVSS5.8AI score0.01947EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2017/03/31 12:0 a.m.8 views

The vulnerability of the Windows operating system allows a perpetrator to obtain confidential information from the process memory.

The vulnerability of the Uniscribe component of the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, acting remotely, to obtain confidential information from the process’s memory through a specially crafted web...

4.3CVSS5.8AI score0.22951EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2017/03/23 12:0 a.m.7 views

The vulnerability of the Windows operating system allows a perpetrator to obtain confidential information from the process memory.

The vulnerability of the Uniscribe component of the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, acting remotely, to obtain confidential information from the process’s memory through a specially crafted web...

4.3CVSS5.8AI score0.22471EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2017/03/23 12:0 a.m.8 views

The vulnerability of the Windows operating system allows a perpetrator to obtain confidential information from the process memory.

The vulnerability of the Uniscribe component of the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, acting remotely, to obtain confidential information from the process’s memory through a specially crafted web...

4.3CVSS5.8AI score0.22471EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2017/03/23 12:0 a.m.7 views

The vulnerability of the Windows operating system allows a perpetrator to obtain confidential information from the process memory.

The vulnerability of the Uniscribe component of the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, operating remotely, to obtain confidential information from the process’s memory through a specially crafted...

4.3CVSS5.8AI score0.22471EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2017/03/23 12:0 a.m.7 views

The vulnerability of the Windows operating system allows a perpetrator to obtain confidential information from the process memory.

The vulnerability of the Uniscribe component of the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, acting remotely, to obtain confidential information from the process’s memory through a specially crafted web...

4.3CVSS5.8AI score0.22471EPSS
Exploits1References3
Rows per page
Query Builder