• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-281

CVE-2018-5163

February 26, 2023 by

If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternate data resources stored in the JavaScript Start-up Bytecode Cache (JSBC) for other JavaScript code. If the parent process then runs this replaced code, the executed script would be run with the parent process’ privileges, escaping the sandbox on content processes. This vulnerability affects Firefox < 60.

CVE-2018-4115

February 26, 2023 by

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves CFPreferences in the “System Preferences” component. It allows attackers to bypass intended access restrictions by leveraging incorrect configuration-profile persistence.

CVE-2018-3762

February 26, 2023 by

Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it should not have access to.

CVE-2018-12989

February 26, 2023 by

The report-viewing feature in Pearson VUE Certiport Console 8 and IQSystem 7 before 2018-06-26 mishandles child processes and consequently launches Internet Explorer or Microsoft Edge as Administrator, which allows local users to gain privileges.

CVE-2020-9781

February 26, 2023 by

The issue was addressed by clearing website permission prompts after navigation. This issue is fixed in iOS 13.4 and iPadOS 13.4. A user may grant website permissions to a site they didn’t intend to.

CVE-2020-9442

February 26, 2023 by

OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%OpenVPN Connectdriverstapamd64win10, which allows local users to gain privileges by copying a malicious drvstore.dll there.

  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Interim pages omitted …
  • Go to page 20
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE