1777 matches found
Avast Free Antivirus aswSnx Kernel Driver Untrusted Pointer Dereference Privilege Escalation Vulnerability
This vulnerability allows attackers to elevate their privileges on vulnerable installations of Avast Free Antivirus. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the 0x82ac0170 IOCTL by the aswSnx driver in the kernel. An address pass...
VulnCheck KEV: CVE-2017-0263
Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory...
kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()
A race condition flaw was found in the NHLDC Linux kernel driver when accessing nhdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system...
CVE-2017-0189
An elevation of privilege vulnerability exists in Windows 10 when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode, aka "Win32k Elevation of Privilege Vulnerability." This C...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()
A race condition flaw was found in the NHLDC Linux kernel driver when accessing nhdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system...
The vulnerability of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of kernel-level drivers in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor, operating locally, to enhance their privileges through a specially crafted application...
The vulnerability of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of kernel-level drivers in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability allows a local attacker to enhance their privileges through a specially created application...
SUSE SLES11 Security Update : kernel (SUSE-SU-2017:0912-1)
The SUSE Linux Enterprise 11 SP4 kernel was updated to fix the following security bug : - CVE-2017-2636: A race condition in the nhdlc tty Linux kernel driver drivers/tty/nhdlc.c could have been exploited to gain a local privilege escalation bnc1027565 Note that Tenable Network Security has...
Integer overflow
Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...
PYSEC-2017-113
Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...
CVE-2017-6952
Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...
CVE-2017-6952
Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...
CVE-2017-6952
Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...
CVE-2017-6952
Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...
Cirrus VGA Heap overflow via display refresh
ISSUE DESCRIPTION When a graphics update command gets passed to the VGA emulator, there are 3 possible modes that can be used to update the display: blank - Clears the display text - Treats the display as showing text graph - Treats the display as showing graphics After the display geometry gets...
[ASA-201703-8] linux: privilege escalation
Arch Linux Security Advisory ASA-201703-8 ========================================= Severity: High Date : 2017-03-14 CVE-ID : CVE-2017-2636 Package : linux Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-192 Summary ======= The package linux before version 4.10.2...
Linux kernel local privilege escalation flaw in n_hdlc(CVE-2017-2636)
This article discloses the exploitation of CVE-2017-2636, which is a race condition in the nhdlc Linux kernel driver drivers/tty/nhdlc.c. The described exploit gains root privileges bypassing Supervisor Mode Execution Protection SMEP. This driver provides HDLC serial line discipline and comes as ...
CVE-2017-0520
An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...
Multiple Cisco Products Cisco TelePresence Software Input Validation Vulnerability
Cisco TelePresence Software is the United States Cisco Cisco company's set of video conferencing solutions known as & ldquo; telepresence & rdquo; system. The program provides audio, video space and other components that can provide remote participants with a & ldquo; face-to-face & rdquo; virtua...