Lucene search
K

1777 matches found

Zero Day Initiative
Zero Day Initiative
added 2017/05/11 12:0 a.m.20 views

Avast Free Antivirus aswSnx Kernel Driver Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows attackers to elevate their privileges on vulnerable installations of Avast Free Antivirus. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the 0x82ac0170 IOCTL by the aswSnx driver in the kernel. An address pass...

7.2CVSS3.6AI score
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2017/05/09 12:0 a.m.5 views

VulnCheck KEV: CVE-2017-0263

Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory...

7.8CVSS7.3AI score0.10034EPSS
Exploits4References1
RedHat Linux
RedHat Linux
added 2017/04/18 9:49 a.m.8 views

kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()

A race condition flaw was found in the NHLDC Linux kernel driver when accessing nhdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system...

7CVSS6.6AI score0.01021EPSS
Exploits2References6
OSV
OSV
added 2017/04/12 2:59 p.m.2 views

CVE-2017-0189

An elevation of privilege vulnerability exists in Windows 10 when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode, aka "Win32k Elevation of Privilege Vulnerability." This C...

7.8CVSS7.4AI score0.0205EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2017/04/12 10:51 a.m.89 views

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.8CVSS6.9AI score0.0596EPSS
Exploits21References7
RedHat Linux
RedHat Linux
added 2017/04/11 11:46 a.m.12 views

kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()

A race condition flaw was found in the NHLDC Linux kernel driver when accessing nhdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system...

7CVSS6.6AI score0.01021EPSS
Exploits2References6
BDU FSTEC
BDU FSTEC
added 2017/04/06 12:0 a.m.8 views

The vulnerability of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of kernel-level drivers in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor, operating locally, to enhance their privileges through a specially crafted application...

7.2CVSS7.2AI score0.01835EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2017/04/06 12:0 a.m.8 views

The vulnerability of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of kernel-level drivers in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability allows a local attacker to enhance their privileges through a specially created application...

7.2CVSS7.2AI score0.02388EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/04/04 12:0 a.m.47 views

SUSE SLES11 Security Update : kernel (SUSE-SU-2017:0912-1)

The SUSE Linux Enterprise 11 SP4 kernel was updated to fix the following security bug : - CVE-2017-2636: A race condition in the nhdlc tty Linux kernel driver drivers/tty/nhdlc.c could have been exploited to gain a local privilege escalation bnc1027565 Note that Tenable Network Security has...

7CVSS6.8AI score0.01021EPSS
Exploits2References4
Prion
Prion
added 2017/03/16 9:59 p.m.15 views

Integer overflow

Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...

7.5CVSS9AI score0.01245EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/03/16 9:59 p.m.3 views

PYSEC-2017-113

Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...

8.8CVSS9.1AI score0.01245EPSS
Exploits0References3
NVD
NVD
added 2017/03/16 9:59 p.m.14 views

CVE-2017-6952

Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...

8.8CVSS9.1AI score0.01245EPSS
Exploits0References2
OSV
OSV
added 2017/03/16 9:59 p.m.14 views

CVE-2017-6952

Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...

8.8CVSS7.7AI score
Exploits0References2
Cvelist
Cvelist
added 2017/03/16 9:0 p.m.15 views

CVE-2017-6952

Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...

9.1AI score0.01245EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2017/03/16 9:0 p.m.47 views

CVE-2017-6952

Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...

8.8CVSS9.1AI score0.01245EPSS
Exploits0
Xen Project
Xen Project
added 2017/03/14 12:0 p.m.102 views

Cirrus VGA Heap overflow via display refresh

ISSUE DESCRIPTION When a graphics update command gets passed to the VGA emulator, there are 3 possible modes that can be used to update the display: blank - Clears the display text - Treats the display as showing text graph - Treats the display as showing graphics After the display geometry gets...

9.9CVSS7.6AI score0.04448EPSS
Exploits0Affected Software1
ArchLinux
ArchLinux
added 2017/03/14 12:0 a.m.37 views

[ASA-201703-8] linux: privilege escalation

Arch Linux Security Advisory ASA-201703-8 ========================================= Severity: High Date : 2017-03-14 CVE-ID : CVE-2017-2636 Package : linux Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-192 Summary ======= The package linux before version 4.10.2...

7CVSS0.6AI score0.01021EPSS
Exploits2References5
seebug.org
seebug.org
added 2017/03/09 12:0 a.m.187 views

Linux kernel local privilege escalation flaw in n_hdlc(CVE-2017-2636)

This article discloses the exploitation of CVE-2017-2636, which is a race condition in the nhdlc Linux kernel driver drivers/tty/nhdlc.c. The described exploit gains root privileges bypassing Supervisor Mode Execution Protection SMEP. This driver provides HDLC serial line discipline and comes as ...

7.2CVSS7.6AI score0.03723EPSS
Exploits11
OSV
OSV
added 2017/03/08 1:59 a.m.5 views

CVE-2017-0520

An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

7CVSS7.5AI score0.01486EPSS
Exploits0References5
CNVD
CNVD
added 2017/02/09 12:0 a.m.5 views

Multiple Cisco Products Cisco TelePresence Software Input Validation Vulnerability

Cisco TelePresence Software is the United States Cisco Cisco company's set of video conferencing solutions known as & ldquo; telepresence & rdquo; system. The program provides audio, video space and other components that can provide remote participants with a & ldquo; face-to-face & rdquo; virtua...

10CVSS6.7AI score0.06836EPSS
Exploits0References1
Rows per page
Query Builder