793 matches found
CVE-2021-25394
A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is compromised...
CVE-2021-25394
CVE-2021-25394 is a race-condition-based use-after-free vulnerability in Samsung Mobile Devices’ MFC charger driver, prior to SMR MAY-2021 Release 1. The issue enables arbitrary writes after a radio privilege is compromised, with local attack vector and partial integrity/availability impact per C...
CVE-2021-25394
A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is compromised. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
DELL dbutil_2_3.sys 2.3 Arbitrary Write / Privilege Escalation
Exploit Title: DELL dbutil23.sys 2.3 - Arbitrary Write to Local Privilege Escalation LPE Date: 10/05/2021 Exploit Author: Paolo Stagno aka VoidSec Version: include include include include define IOCTLCODE 0x9B0C1EC8 // IOCTLCODE value, used to reach the vulnerable function taken from IDA define...
DELL dbutil_2_3.sys 2.3 - Arbitrary Write to Local Privilege Escalation (LPE)
Exploit Title: DELL dbutil23.sys 2.3 - Arbitrary Write to Local Privilege Escalation LPE Date: 10/05/2021 Exploit Author: Paolo Stagno aka VoidSec Version: include include include include define IOCTLCODE 0x9B0C1EC8 // IOCTLCODE value, used to reach the vulnerable function taken from IDA define...
AZL-6562 CVE-2021-33034 affecting package kernel for versions less than 5.10.78.1-1
In the Linux kernel before 5.12.4, net/bluetooth/hcievent.c has a use-after-free when destroying an hcichan, aka CID-5c4c8c954409. This leads to writing an arbitrary value...
DEBIAN-CVE-2021-33034
In the Linux kernel before 5.12.4, net/bluetooth/hcievent.c has a use-after-free when destroying an hcichan, aka CID-5c4c8c954409. This leads to writing an arbitrary value...
AZL-6561 CVE-2021-33033 affecting package kernel for versions less than 5.10.78.1-1
The Linux kernel before 5.11.14 has a use-after-free in cipsov4genopt in net/ipv4/cipsoipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value...
UBUNTU-CVE-2021-33034
In the Linux kernel before 5.12.4, net/bluetooth/hcievent.c has a use-after-free when destroying an hcichan, aka CID-5c4c8c954409. This leads to writing an arbitrary value...
impacket 路径遍历漏洞
impacket is a software application. A collection of Python classes for handling network protocols. A security vulnerability exists in Impacket versions prior to 0.9.22, which stems from a multiple path traversal vulnerability in smbserver.py. An attacker could exploit this vulnerability to... Lis...
CVE-2021-1769
CVE-2021-1769 describes a logic issue in macOS/iOS/watchOS/tvOS/iPadOS components where improved validation fixes allow bypassing Pointer Authentication. The vulnerability is triggered by a malicious attacker with arbitrary read/write capabilities and results in potential bypass of Pointer Authen...
CVE-2021-22712
Schneider Electric IGSS Def.exe (Definition) has a CWE-119 buffer bounds vulnerability in V15.0.0.21041 and earlier, allowing arbitrary read/write via parsing a malicious CGF file due to an unchecked pointer address. ZDI reports remote code execution with user interaction required (visit a malici...
Command Execution Vulnerability in PHP Simple Auto Card Issuing Platform Personal Edition
PHP simple automatic card issuance platform personal version is the use of php mysql for the development of automatic card payment platform. The platform backend has an arbitrary write configuration file vulnerability that leads to command execution. PHP Simple Automatic Card Issuance Platform...
VulnCheck KEV: CVE-2017-16238
Tgsoft Vir.itexplorer arbitrary write kernel vulnerability via 0x82730080 ioctls...
CVE-2020-11179
Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
Gotenberg Directory Traversal Vulnerability
Gotenberg is a Docker-powered stateless API for converting HTML, Markdown and Office documents to PDF. A directory traversal vulnerability exists in the file upload functionality of Gotenberg 6.2.1 and earlier. An attacker could use this vulnerability to upload and overwrite arbitrary writable...
CVE-2020-27172
An issue was discovered in G-Data before 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to achieve arbitrary write that leads to elevation of privileges...
CVE-2020-27172
An issue was discovered in G-Data before 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to achieve arbitrary write that leads to elevation of privileges...
Memory corruption
An arbitrary memory write vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to ecallrestore using the attribute output which fails to check the range of a pointer. An attacker can use this pointer to write to arbitrary memory addresses including those within...
EulerOS Virtualization 3.0.6.6 : kernel (EulerOS-SA-2020-2443)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - btrfsrootnode in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because...