Skip to content

Home Early Warning System Issues
Issues
Oracle VirtualBox Zero-Day Vulnerability and Exploit Released
Monday, 12 November 2018 14:00

A 0-day vulnerability was discovered in VirtualBox 5.2.20 and prior. An attacker or a malicious program with root or administrator privilege in the guest OS can escape and execute arbitrary code in the application layer (ring 3) of the host OS. No patch was available at the time of this entry. Users can protect themselves against potential cyber attacks by changing the network card of their virtual machines from NAT to "PCnet" or to "Paravirtualized Network", or other.

 
0-Day Remote Arbitrary Code Execution Vulnerability in Microsoft Edge
Wednesday, 07 November 2018 11:00

A 0-day vulnerability was discovered in Microsoft Edge. A remote attacker may be able to execute arbitrary code or gain control of the target system. Security researchers have developed a PoC(Proof-of-Concept) to demonstrate this issue. No patch was available at the time of this entry.

 
A Flaw in Microsoft Office 2016 and Older Versions Could Allow Attackers to Infect User's Computers
Wednesday, 31 October 2018 12:00

A flaw was reported in Microsoft Office 2016 and older versions. Attackers may be able to send users a maliciously crafted document with an embed video. When users clicked on an embedded video link, would prompt users to run an embedded executable. Microsoft has no plans to fix the issue at the time of this entry, users are advised not ot open email attachments from unknown or suspicious sources.

 
Microsoft Skype for Business Audio File Processing Arbitrary Code Execution Vulnerability
Tuesday, 30 October 2018 12:00

A vulnerability was reported in Microsoft Skype for Business in a third party component. Remote attackers may be able to conduct an on-premise X.509 validation attack against the AudioCodes algorithm and execute arbitrary code on the target system.No solution was available at the time of this entry.

 
Vulnerability in Microsoft Data Sharing Allows Attackers to Perform Privilege Escalation Attacks
Thursday, 25 October 2018 17:00

A vulnerability was reported in Microsoft Data Sharing (dssvc.dll) in Windows 10 and recent versions of Windows severs editions. Attackers with limited privilege may be able to elevate privileges and delete critical system files on affected systems through the PoC code released by the researcher. No patch was available at the time of this entry.

 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 1 of 141
[YOUR IP : 52.91.90.122: 39898] ...   [YOUR BROWSER: CCBot/2.0 (https://commoncrawl.org/faq/)] ...