Vulnerability & Exploit Database

Displaying entries 241 - 250 of 125504 in total

Microsoft CVE-2018-0788: OpenType Font Driver Elevation of Privilege Vulnerability Vulnerability

  • Severity: 7
  • Published: January 02, 2018

An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or d...

Microsoft CVE-2018-0766: Microsoft Edge Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: January 02, 2018

An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website that ...

Ubuntu: USN-3477-4: Firefox regression Vulnerability

  • Severity: 4
  • Published: January 02, 2018

USN-3477-1 fixed vulnerabilities in Firefox. The update introduced a crash reporting issue where background tab crash reports were sent to Mozilla without user opt-in. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Multiple security issues were discovered in ...

CentOS: (CVE-2017-5754) (Multiple Advisories): kernel Vulnerability

  • Severity: 5
  • Published: January 02, 2018

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.

Microsoft CVE-2018-0747: Windows Information Disclosure Vulnerability Vulnerability

  • Severity: 2
  • Published: January 02, 2018

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. To exploit the vulnerability...

Microsoft CVE-2018-0745: Windows Information Disclosure Vulnerability Vulnerability

  • Severity: 2
  • Published: January 02, 2018

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. To exploit the vulnerability...

Microsoft CVE-2018-0749: SMB Server Elevation of Privilege Vulnerability Vulnerability

  • Severity: 5
  • Published: January 02, 2018

An elevation of privilege vulnerability exists in the Microsoft Server Message Block (SMB) Server when an attacker with valid credentials attempts to open a specially crafted file over the SMB protocol on the same machine. An attacker who successfully exploited this vulnerability could bypass certain security checks in the operating syst...