792 matches found
grub2-bhyve -- multiple privilege escalations
Reno Robert reports: FreeBSD uses a two-process model for running a VM. For booting non-FreeBSD guests, a modified grub-emu is used grub-bhyve. Grub-bhyve executes command from guest grub.cfg file. This is a security problem because grub was never written to handle inputs from OS as untrusted. In...
CVE-2018-6240
CVE-2018-6240 affects NVIDIA Tegra BootRom. A local attacker with kernel privileges can write an arbitrary value to an arbitrary physical address, enabling escalation of privileges. Connected NVIDIA advisories confirm this vulnerability and map fixes to specific Jetson/Linux-for-Tegra releases: T...
jenkins: Arbitrary file write vulnerability using file parameter definitions (SECURITY-1424)
A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java allowed attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an arbitrary fil...
CVE-2018-15738
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000205F...
CVE-2018-15738
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000205F...
Design/Logic Flaw
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000205F...
CVE-2018-15738
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000205F...
CVE-2018-15738
The CVE-2018-15738 entry affects STOPzilla AntiMalware 6.5.2.59. The vulnerability is an Arbitrary Write in the driver szkg64.sys caused by failing to validate the output buffer address from IOCTL 0x8000205F. The connected records corroborate this description but do not provide explicit exploit d...
STOPzilla AntiMalware Arbitrary Write Vulnerability
STOPzilla AntiMalware is a set of antivirus software from the American company STOPzilla that is mainly used for malware detection and killing. A security vulnerability exists in the szkg64.sys driver file in STOPzilla AntiMalware version 6.5.2.59. The vulnerability originates from a networked...
STOPzilla AntiMalware Arbitrary Write Vulnerability (CNVD-2019-40577)
STOPzilla AntiMalware is a malware removal software. An arbitrary write vulnerability exists in the driver file szkg64.sys in STOPzilla AntiMalware 6.5.2.59. The vulnerability stems from an unverified output buffer address value starting at IOCtl 0x8000206B. An attacker can exploit this...
STOPzilla AntiMalware Arbitrary Write Vulnerability
STOPzilla AntiMalware is a malware removal software. An arbitrary write vulnerability exists in the driver file szkg64.sys in STOPzilla AntiMalware 6.5.2.59. The vulnerability stems from an unverified output buffer address value starting at IOCtl 0x80002063. An attacker can exploit this...
CVE-2018-15734
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000206B...
CVE-2018-15735
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000206F...
CVE-2018-15732
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x80002063...
CVE-2018-15734
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000206B...
CVE-2018-15735
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000206F...
CVE-2018-15732
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x80002063...
Design/Logic Flaw
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000206B...
Design/Logic Flaw
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x80002063...
Design/Logic Flaw
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000206F...