Vulnerability & Exploit Database

Displaying entries 201 - 210 of 125504 in total

Microsoft CVE-2018-0773: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 8
  • Published: January 02, 2018

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same ...

Microsoft CVE-2018-0781: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 8
  • Published: January 02, 2018

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same ...

Microsoft CVE-2018-0800: Scripting Engine Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: January 02, 2018

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. In a web-based attack scenario, an attacker could host a website in an attempt to...

Microsoft CVE-2018-0772: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 8
  • Published: January 02, 2018

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same u...

Microsoft CVE-2018-0750: Windows GDI Information Disclosure Vulnerability Vulnerability

  • Severity: 2
  • Published: January 02, 2018

A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system ...

Debian: CVE-2017-1000472: poco -- security update Vulnerability

  • Severity: 4
  • Published: January 02, 2018

The ZipCommon::isValidPath() function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary files, via a crafted ZIP file, related ...

Microsoft CVE-2018-0777: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 8
  • Published: January 02, 2018

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same ...

Microsoft CVE-2018-0775: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 8
  • Published: January 02, 2018

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same ...