2015 年 04 月 14 日,微软发布严重级别的安全公告 MS15-034,编号为 CVE-2015-1635,据称在 Http.sys 中的漏洞可能允许远程执行代码。 2. 漏洞描述 CWE: CWE-119 CVE: CVE-2015-1635 Http.sys 是一个位于 Windows 操作系统核心组件,能够让任何应用程序通过它提供的接口,以 Http 协议
Google patched some Android security vulnerabilities in early August. One of them was a remote code execution vulnerability in Mediaserver (CVE-2016-3820), which was discovered by me. This vulnerability could enable an attacker using a specially crafted
A remote code execution vulnerability exists in Microsoft Visual Studio 2019 and Visual Studio 2017 if an XOML (Extensible Object Markup Language) file references certain types and causes random code to be run when the file is opened in Visual Studio. There ...
A remote code execution vulnerability exists in the remote SAP Gateway as a result of allowing non-SAP applications to communicate with, and potentially run OS commands on SAP applications. An unauthenticated attacker can run the arbitrary commands on remote server to gain access to the system or ...
Microsoft SharePoint Remote Code Execution Vulnerability On this page CVE-2020-17121 Subscribe RSS PowerShell API CSAFSecurity Vulnerability Released: Dec 8, 2020 Assigning CNA Microsoft CVE.org link CVE-2020-17121 Exploitability The following table provides an exploitability assessment ...
On November 27, 2017, Huawei received a notification about a possible remote code execution vulnerability (CVE-2017-17215) regarding Huawei HG532 from Muhammad Mukatren of Check Point Software Technologies Research Department, which also released a security advisory CPAI-2017-1016 but without detailed...
Resolves a reported vulnerability in Windows Media file format (.asf, .wmv, .wma) that could allow remote code execution.
Cybersecurity experts have uncovered a critical Remote Code Execution (RCE) vulnerability in Splunk, the data analytics platform that forms the backbone of many corporate IT infrastructures. Identified as CVE-2023-46214, this flaw could potentially allow attackers to infiltrate and seize control of sys...
Critical unpatched “wormable” remote code execution (RCE) vulnerability in Microsoft Server Message Block 3.1.1 (SMBv3), dubbed EternalDarkness, disclosed by Microsoft. Update 03/13/2020: The Proof-of-concept section has been updated to reflect the public availability of an exploit s...
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office file containing a malicious embedded ClickOnce application.