Lucene search
K

101 matches found

Amazon
Amazon
added 2018/01/18 12:0 a.m.73 views

Important: kernel

Issue Overview: Race condition in rawsendmsg function allows denial-of-service or kernel addresses leak A flaw was found in the Linux kernel's implementation of rawsendmsg allowing a local attacker to panic the kernel or possibly leak kernel addresses. A local attacker, with the privilege of...

7.8CVSS6.8AI score0.01355EPSS
Exploits5
CNVD
CNVD
added 2017/11/20 12:0 a.m.2 views

Android NVIDIA Thermal Driver Information Disclosure Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, of which NVIDIA Thermal driver is a temperature control component. An information disclosure vulnerability exists in the NVIDIA Thermal driver in Android, which stems from a lack ...

7.5CVSS6.3AI score0.00412EPSS
Exploits0References1
OSV
OSV
added 2016/12/29 9:59 a.m.6 views

CVE-2016-5328

VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection SIP is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors...

5.5CVSS5.8AI score0.00351EPSS
Exploits0References3
OSV
OSV
added 2016/12/29 9:59 a.m.5 views

CVE-2016-5329

VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection SIP is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors...

5.5CVSS5.8AI score0.00327EPSS
Exploits0References3
CNVD
CNVD
added 2016/10/27 12:0 a.m.9 views

VMware Tools Local Information Disclosure Vulnerability

VMware Tools is a set of enhancements that come with VMware's VMWare virtual machines. It is a set of drivers provided by VMware to enhance the performance of virtual graphics cards and hard drives, as well as to synchronize the clocks of the virtual machines with those of the host computer. A...

5.5CVSS6AI score0.00351EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/27 12:0 a.m.5 views

VMware Fusion Local Information Disclosure Vulnerability

VMware Fusion allows Windows applications to run seamlessly on Intel-based Mac machines. A local information disclosure vulnerability exists in VMware Fusion. Since System Integrity Protection SIP is enabled by default on Mac OS X, a local attacker can exploit the vulnerability to obtain kernel...

5.5CVSS6.1AI score0.00327EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/08/31 12:0 a.m.5 views

Multiple vulnerabilities in the Kaspersky Total Security antivirus protection system allow attackers to obtain confidential information.

The multiple vulnerabilities of the KLDISK driver in the Kaspersky Total Security antivirus protection software are related to the lack of protection for operational data. Exploiting these vulnerabilities could allow an intruder, operating locally, to gain access to confidential information—such ...

4.6CVSS5.9AI score0.0067EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2016/08/06 10:59 a.m.4 views

UBUNTU-CVE-2014-9878

drivers/mmc/card/mmcblocktest.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not reject kernel-space buffer addresses, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769208 and Qualcomm internal bug CR547479...

7.8CVSS7.5AI score0.00454EPSS
Exploits0References4
securityvulns
securityvulns
added 2015/03/16 12:0 a.m.78 views

APPLE-SA-2015-03-09-3 Security Update 2015-002

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-03-09-3 Security Update 2015-002 Security Update 2015-002 is now available and addresses the following: iCloud Keychain Available for: OS X Yosemite v10.10.2 Impact: An attacker with a privileged network position may be able to execute...

10CVSS0.19633EPSS
Exploits1
CNVD
CNVD
added 2015/03/12 12:0 a.m.3 views

Microsoft windows kernel mode driver kernel information disclosure vulnerability (CNVD-2015-01618)

Microsoft Windows is a popular operating system. A security vulnerability exists in the Microsoft Windows kernel mode driver that allows an attacker to exploit the vulnerability to obtain kernel-sensitive address information, which can be used to conduct further attacks on the system...

2.1CVSS6.6AI score0.02379EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2015/01/28 10:6 a.m.13 views

Apple Patches Thunderstrike Bug in OSX, Fixes More Than 30 Flaws in iOS

Apple has released major security updates for both OS X and iOS that includes patches for a number of bugs that could lead to arbitrary code execution. The release of iOS 8.1.3 fixes a vulnerability that allowed an attacker to bypass the sandbox restrictions in Safari and the OS X update fixes a...

0.4AI score
Exploits0References4
NVD
NVD
added 2014/08/12 9:55 p.m.31 views

CVE-2014-4064

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly handle use of the paged kernel pool for allocation of uninitialized memory, which allows...

4.9CVSS5.4AI score0.02445EPSS
Exploits0References3
exploitpack
exploitpack
added 2014/01/14 12:0 a.m.30 views

Linux Kernel (Ubuntu 11.1012.04) - binfmt_script Stack Data Disclosure

Linux Kernel Ubuntu 11.1012.04 - binfmtscript Stack Data Disclosure Source: http://www.halfdog.net/Security/2012/LinuxKernelBinfmtScriptStackDataDisclosure/ Introduction Problem description: Linux kernel binfmtscript handling in combination with CONFIGMODULES can lead to disclosure of kernel stac...

Exploits0
OpenVAS
OpenVAS
added 2011/07/18 12:0 a.m.46 views

Ubuntu: Security Advisory (USN-1159-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.04364EPSS
Exploits30References2
Prion
Prion
added 2009/11/30 9:30 p.m.23 views

Memory corruption

kl1.sys in Kaspersky Anti-Virus 2010 9.0.0.463, and possibly other versions before 9.0.0.736, does not properly validate input to IOCTL 0x0022c008, which allows local users to cause a denial of service system crash via IOCTL requests using crafted kernel addresses that trigger memory corruption,...

4.9CVSS6.8AI score0.00834EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2009/11/30 9:0 p.m.28 views

CVE-2009-4114

kl1.sys in Kaspersky Anti-Virus 2010 9.0.0.463, and possibly other versions before 9.0.0.736, does not properly validate input to IOCTL 0x0022c008, which allows local users to cause a denial of service system crash via IOCTL requests using crafted kernel addresses that trigger memory corruption,...

6.2AI score0.00834EPSS
Exploits1References8
Prion
Prion
added 2009/10/01 5:0 p.m.14 views

Memory corruption

aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs 1 0xb2d6000c and 2 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerabilit...

6.9CVSS6.5AI score0.00781EPSS
Exploits8References4Affected Software2
securityvulns
securityvulns
added 2008/04/24 12:0 a.m.29 views

[W01-0408] Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation

Wintercore Advisory Realtek HD Audio Codec Drivers Vista - Local Privilege Escalation :: Non-Technical Description Realtek HD Audio Codec Drivers are prone to a local privilege escalation due to insufficient validation of user-mode buffers. Successful exploitation grants SYSTEM privileges to...

2.2AI score
Exploits0
NVD
NVD
added 2008/01/09 10:46 p.m.29 views

CVE-2007-5762

NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \.\nicm device and providing crafted kernel addresses via IOCTLs with the METHODNEITHER buffering mode...

7.2CVSS7AI score0.0088EPSS
Exploits7References7
Cvelist
Cvelist
added 2008/01/09 10:0 p.m.35 views

CVE-2007-5762

NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \.\nicm device and providing crafted kernel addresses via IOCTLs with the METHODNEITHER buffering mode...

7AI score0.0088EPSS
Exploits7References7
Rows per page
Query Builder