Lucene search
K

206 matches found

Zero Day Initiative
Zero Day Initiative
added 2021/03/12 12:0 a.m.42 views

Google Android fts_driver_test_write Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on affected installations of Google Android. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS5.8AI score0.00217EPSS
Exploits0References1
NCSC
NCSC
added 2021/03/10 12:0 a.m.4 views

Vulnerabilities fixed in Oracle Enterprise Linux

Oracle has fixed vulnerabilities in Oracle Enterprise Linux. The vulnerabilities allow a local, authenticated malicious agent to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Code execution at the kernel level Increased user privileges -= Oracle ...

7.8CVSS8.3AI score0.01377EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2021/03/09 12:0 a.m.57 views

Google Android fts_driver_test_write Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Google Android. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

5.5CVSS3.1AI score0.00124EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2021/02/24 12:0 a.m.37 views

Apple macOS process_token_BindQueryBufferMultiple Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

7.8CVSS4.2AI score0.01143EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2021/02/24 12:0 a.m.33 views

Apple macOS process_token_BindQueryStoreRegisterToMemoryList Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

7.8CVSS4AI score0.00902EPSS
Exploits0References1
OSV
OSV
added 2020/12/08 9:15 p.m.2 views

CVE-2020-27904

A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges...

7.8CVSS7.3AI score0.03142EPSS
Exploits1References4
CNVD
CNVD
added 2020/11/02 12:0 a.m.4 views

Memory Initialization Vulnerability in Multiple Apple Products

Apple iOS is an operating system developed for mobile devices. apple tvOS is an operating system for Smart TVs. A security vulnerability exists in Apple iOS before 13.6, iPadOS before 13.6, tvOS before 13.4.8, watchOS before 6.2.8 and macOS Catalina before 10.15.6. The vulnerability can be...

9.3CVSS7.3AI score0.0131EPSS
Exploits0References1
OSV
OSV
added 2020/10/22 7:15 p.m.3 views

CVE-2020-9927

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges...

7.8CVSS6AI score0.00354EPSS
Exploits0References1
OSV
OSV
added 2020/10/16 5:15 p.m.4 views

CVE-2020-9799

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with kernel privileges...

7.8CVSS7.3AI score0.01232EPSS
Exploits0References1
NVD
NVD
added 2020/08/25 9:15 p.m.32 views

CVE-2020-17402

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4 47270. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

6.5CVSS6.3AI score0.00475EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/08/25 8:20 p.m.31 views

CVE-2020-17396

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS8.8AI score0.00533EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2020/08/13 12:0 a.m.27 views

Microsoft Windows PFB Font File Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the parsing of...

7.8CVSS5.2AI score0.00901EPSS
Exploits0References1
CNVD
CNVD
added 2020/08/10 12:0 a.m.3 views

FreeBSD competitive conditions loophole (CNVD-2020-47966)

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A Competitive Condition Issue vulnerability exists in the handling of parameters in FreeBSD. An attacker could exploit this vulnerability to elevate privileges and execute code in the context of the kernel...

7CVSS7.2AI score0.00721EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2020/08/06 12:0 a.m.40 views

FreeBSD Kernel sendmsg System Call Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.8CVSS3.6AI score0.00721EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/07/24 12:0 a.m.4 views

PT-2020-6679 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.6 iPadOS versions prior to 13.6 tvOS versions prior to 13.4.8 Description: The issue is related to a memory corruption problem in the AVEVideoEncoder component, which can lead to a buffer overflow. This can potentiall...

9.3CVSS7.8AI score0.03899EPSS
Exploits0References9
Zero Day Initiative
Zero Day Initiative
added 2020/07/16 12:0 a.m.55 views

Microsoft Windows PFB Font File Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the parsing of...

7.8CVSS5AI score0.21367EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/06/09 12:0 a.m.4 views

PT-2020-20789 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.5 iPadOS versions prior to 13.5 macOS Catalina versions prior to 10.15.5 Description: A memory corruption issue was addressed with improved state management, allowing an application to potentially execute arbitrary co...

9.3CVSS7.7AI score0.01033EPSS
Exploits0References2
OSV
OSV
added 2020/05/11 11:15 p.m.6 views

CVE-2020-10067

A malicious userspace application can cause a integer overflow and bypass security checks performed by system call handlers. The impact would depend on the underlying system call and can range from denial of service to information leak to memory corruption resulting in code execution within the...

7.8CVSS7.5AI score0.00446EPSS
Exploits0References5
OSV
OSV
added 2020/04/29 12:15 a.m.10 views

CVE-2020-7452

In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r357489, and 11.3-RELEASE before 11.3-RELEASE-p7, incorrect use of a user-controlled pointer in the epair virtual network module allowed vnet jailed privileged users to panic the host system and...

9.1CVSS7.4AI score0.01834EPSS
Exploits0References1
OSV
OSV
added 2020/03/23 6:15 p.m.4 views

CVE-2020-8876

This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

5.5CVSS6.1AI score0.00507EPSS
Exploits0References1
Rows per page
Query Builder