Lucene search
K

793 matches found

Cvelist
Cvelist
added 2021/06/11 2:45 p.m.27 views

CVE-2021-25394

A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is compromised...

6.4CVSS6.7AI score0.00422EPSS
Exploits0References1
CVE
CVE
added 2021/06/11 2:45 p.m.428 views

CVE-2021-25394

CVE-2021-25394 is a race-condition-based use-after-free vulnerability in Samsung Mobile Devices’ MFC charger driver, prior to SMR MAY-2021 Release 1. The issue enables arbitrary writes after a radio privilege is compromised, with local attack vector and partial integrity/availability impact per C...

6.4CVSS6.8AI score0.00422EPSS
In wildExploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/06/11 12:0 a.m.23 views

CVE-2021-25394

A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is compromised. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

6.4CVSS7.1AI score0.00422EPSS
In wildExploits0References2
Packet Storm
Packet Storm
added 2021/05/21 12:0 a.m.204 views

DELL dbutil_2_3.sys 2.3 Arbitrary Write / Privilege Escalation

Exploit Title: DELL dbutil23.sys 2.3 - Arbitrary Write to Local Privilege Escalation LPE Date: 10/05/2021 Exploit Author: Paolo Stagno aka VoidSec Version: include include include include define IOCTLCODE 0x9B0C1EC8 // IOCTLCODE value, used to reach the vulnerable function taken from IDA define...

4.6CVSS0.5AI score0.57474EPSS
Exploits17
Exploit DB
Exploit DB
added 2021/05/21 12:0 a.m.287 views

DELL dbutil_2_3.sys 2.3 - Arbitrary Write to Local Privilege Escalation (LPE)

Exploit Title: DELL dbutil23.sys 2.3 - Arbitrary Write to Local Privilege Escalation LPE Date: 10/05/2021 Exploit Author: Paolo Stagno aka VoidSec Version: include include include include define IOCTLCODE 0x9B0C1EC8 // IOCTLCODE value, used to reach the vulnerable function taken from IDA define...

8.8CVSS7.9AI score0.57474EPSS
Exploits17
OSV
OSV
added 2021/05/14 11:15 p.m.5 views

AZL-6562 CVE-2021-33034 affecting package kernel for versions less than 5.10.78.1-1

In the Linux kernel before 5.12.4, net/bluetooth/hcievent.c has a use-after-free when destroying an hcichan, aka CID-5c4c8c954409. This leads to writing an arbitrary value...

7.8CVSS6.7AI score0.00826EPSS
Exploits1References1
OSV
OSV
added 2021/05/14 11:15 p.m.1 views

DEBIAN-CVE-2021-33034

In the Linux kernel before 5.12.4, net/bluetooth/hcievent.c has a use-after-free when destroying an hcichan, aka CID-5c4c8c954409. This leads to writing an arbitrary value...

7.8CVSS6.6AI score0.00826EPSS
Exploits1References1
OSV
OSV
added 2021/05/14 11:15 p.m.5 views

AZL-6561 CVE-2021-33033 affecting package kernel for versions less than 5.10.78.1-1

The Linux kernel before 5.11.14 has a use-after-free in cipsov4genopt in net/ipv4/cipsoipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value...

7.8CVSS6.7AI score0.00571EPSS
Exploits1References1
OSV
OSV
added 2021/05/14 11:15 p.m.1 views

UBUNTU-CVE-2021-33034

In the Linux kernel before 5.12.4, net/bluetooth/hcievent.c has a use-after-free when destroying an hcichan, aka CID-5c4c8c954409. This leads to writing an arbitrary value...

7.8CVSS6.8AI score0.00826EPSS
Exploits1References16
CNNVD
CNNVD
added 2021/05/05 12:0 a.m.5 views

impacket 路径遍历漏洞

impacket is a software application. A collection of Python classes for handling network protocols. A security vulnerability exists in Impacket versions prior to 0.9.22, which stems from a multiple path traversal vulnerability in smbserver.py. An attacker could exploit this vulnerability to... Lis...

9.8CVSS8.8AI score0.1926EPSS
Exploits1References11
CVE
CVE
added 2021/04/02 5:55 p.m.91 views

CVE-2021-1769

CVE-2021-1769 describes a logic issue in macOS/iOS/watchOS/tvOS/iPadOS components where improved validation fixes allow bypassing Pointer Authentication. The vulnerability is triggered by a malicious attacker with arbitrary read/write capabilities and results in potential bypass of Pointer Authen...

5.5CVSS5.8AI score0.00307EPSS
Exploits0References4Affected Software6
CVE
CVE
added 2021/03/11 8:25 p.m.63 views

CVE-2021-22712

Schneider Electric IGSS Def.exe (Definition) has a CWE-119 buffer bounds vulnerability in V15.0.0.21041 and earlier, allowing arbitrary read/write via parsing a malicious CGF file due to an unchecked pointer address. ZDI reports remote code execution with user interaction required (visit a malici...

9.3CVSS7.5AI score0.00841EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2021/02/03 12:0 a.m.3 views

Command Execution Vulnerability in PHP Simple Auto Card Issuing Platform Personal Edition

PHP simple automatic card issuance platform personal version is the use of php mysql for the development of automatic card payment platform. The platform backend has an arbitrary write configuration file vulnerability that leads to command execution. PHP Simple Automatic Card Issuance Platform...

7.9AI score
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2021/01/28 12:0 a.m.4 views

VulnCheck KEV: CVE-2017-16238

Tgsoft Vir.itexplorer arbitrary write kernel vulnerability via 0x82730080 ioctls...

7.2AI score
Exploits0References1
Cvelist
Cvelist
added 2021/01/21 9:41 a.m.22 views

CVE-2020-11179

Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

7.1AI score0.00316EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/08 12:0 a.m.2 views

Gotenberg Directory Traversal Vulnerability

Gotenberg is a Docker-powered stateless API for converting HTML, Markdown and Office documents to PDF. A directory traversal vulnerability exists in the file upload functionality of Gotenberg 6.2.1 and earlier. An attacker could use this vulnerability to upload and overwrite arbitrary writable...

9.8CVSS7.9AI score0.05591EPSS
Exploits2References1
NVD
NVD
added 2020/12/28 9:15 p.m.11 views

CVE-2020-27172

An issue was discovered in G-Data before 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to achieve arbitrary write that leads to elevation of privileges...

9.8CVSS9.5AI score0.01329EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/12/28 8:26 p.m.15 views

CVE-2020-27172

An issue was discovered in G-Data before 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to achieve arbitrary write that leads to elevation of privileges...

9.5AI score0.01329EPSS
Exploits0References1
Prion
Prion
added 2020/12/15 3:15 p.m.19 views

Memory corruption

An arbitrary memory write vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to ecallrestore using the attribute output which fails to check the range of a pointer. An attacker can use this pointer to write to arbitrary memory addresses including those within...

2.1CVSS5.5AI score0.00156EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/11/06 12:0 a.m.47 views

EulerOS Virtualization 3.0.6.6 : kernel (EulerOS-SA-2020-2443)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - btrfsrootnode in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because...

7.8CVSS6.8AI score0.05228EPSS
Exploits8References15
Rows per page
Query Builder