Vulnerability & Exploit Database

Displaying entries 1 - 10 of 126436 in total

Ubuntu: USN-3570-1 (CVE-2018-1056): AdvanceCOMP vulnerability Vulnerability

  • Severity: 4
  • Published: February 13, 2018

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-3570-1:

Joonun Jang discovered that AdvanceCOMP incorrectly handled certain malformed zip files. If a user or automated system were tricked into proce...

Microsoft CVE-2018-0830: Windows Kernel Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2018

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially ...

Microsoft CVE-2018-0836: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2018

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same ...

Microsoft CVE-2018-0840: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2018

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same u...

Microsoft CVE-2018-0833: Windows Denial of Service Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2018

A denial of service vulnerability exists in implementations of the Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client. The vulnerability is due to improper handling of certain requests sent by a malicious SMB server to the client. An attacker who successfully exploited this vulnerability could cause the affected system to st...

Microsoft CVE-2018-0857: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2018

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same ...