Microsoft Windows suffers from a COM Desktop Broker privilege escalation vulnerability.
33bec631eeba1af2a94a0e9dbba06bd0Microsoft Windows suffers from a Browser Broker cross session privilege escalation vulnerability.
229198c64a95f918f122595f4ee355a9Microsoft Windows suffers from DSSVC MoveFileInheritSecurity privilege escalation vulnerabilities.
66e30ac5fe6b293e058c5267f533b4efMicrosoft Windows suffers from a DSSVC CanonicalAndValidateFilePath security feature bypass vulnerability.
47b391aa29c8007a02ea421b578013c9Microsoft Windows suffers from a DSSVC DSOpenSharedFile arbitrary file delete privilege escalation vulnerability.
b222cf88f9572d3d9f640ba2ca02e3d4Microsoft Windows suffers from a DSSVC DSOpenSharedFile arbitrary file open privilege escalation vulnerability.
bb2e921fb41ce1f0d91dd85e884db5f2Microsoft Windows suffers from an SSPI network authentication session 0 privilege escalation vulnerability.
983731eb8f0ab4d5e06fd6f0de137c76Wireshark suffers from a get_t61_string heap out-of-bounds read vulnerability.
43cb4c02b902708d8069391d9e3e6872Polkit suffers from a temporary auth hijacking vulnerability via PID reuse and a non-atomic fork.
57634c3dcea314066b8d2beba7cfe951Microsoft Windows suffers from a privilege escalation vulnerability. The Data Sharing Service does not has a TOCTOU in PolicyChecker::CheckFilePermission resulting in an arbitrary file deletion.
bd93c9fa1baa36c07dad7069c043ffd7WebKit JSC suffers from a use-after-free vulnerability that can be used to bypass write barriers.
f6e693ef692196881715a01dcdc39b91WebKit JSC suffers from out-of-bounds read and write vulnerabilities in JSArray::shiftCountWithArrayStorage.
75dbb70a739e6c66466398a40ffdab49Starting from Windows 10 Fall Creators Update, VBScript execution in IE 11 should be disabled for websites in the Internet Zone and the Restricted Sites Zone by default. However, the VBScript execution policy does not appear to cover VBScript code in MSXML xsl files which can still execute VBScript, even when loaded from the Internet Zone.
ce43b2ebae9f07a7d017a64ce3308636There is an reference leak in Microsoft VBScript that can be turned into an use-after-free given sufficient time. The vulnerability has been confirmed in Internet Explorer on various Windows versions with the latest patches applied.
7a89325a4a9a9ce9b151cea5f6c4b348There is an out-of-bounds write vulnerability in jscript.dll in the JsArrayFunctionHeapSort function. This vulnerability can be exploited through Internet Explorer or potentially through WPAD over local network.
82afb637d0f91a3f4210fbcfc5b8c0eaRazer Cortex has a CEF debugger stub enabled by default allowing arbitrary remote command execution.
1d2152a1c114ec3e8cfb933b419a219cCUPS generates session cookies srandom(time(NULL)) and random() on Linux.
583f7c6a7321642c12877e79a0682883Linux userfaultfd bypasses tmpfs file permissions.
61256d48b95082beb5d8e4ef759bcd4cThe Logitech "Options" craft websocket server has no authentication.
351cebf77410e506f6772f6e57f6204eWebKit JIT int32/double arrays can have proxy objects in the prototype chains.
06865c2504867e5e78ec061c65753733McAfee True Key version 5.1.173.1 on Windows 10 1809 has multiple issues in the implementation of the McAfee.TrueKey.Service which can result in privilege escalation through executing arbitrary processes or deleting files and directories.
f1a320f91998eaef2cba50213365ef59Google Chrome version 70.0.3538.77 stable suffers from cross site scripting and man-in-the-middle vulnerabilities.
983c9bbc501d7d7ca4d8d631173677e7XNU POSIX has an issue where shared memory mapping have an incorrect maximum protection.
ac2760f95d5d33a22ed9bc8cebfab544Wireshark suffers from a stack corruption vulnerability in cdma2k_message_ACTIVE_SET_RECORD_FIELDS.
4f571857a06d3e3cbcb563eac1e1b3e6Chrome V8 sets incorrect type information on Math.expm1.
8d398e4f8f1b1a35eddcca69c66a88fc
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed