147 matches found
NVIDIA Windows Privilege Delegation Escalation
Lenovo Security Advisory: LEN-2015-008 Potential Impact: Escalation of Privilege Severity: Medium Summary: The NVIDIA Display Driver’s kernel administrator check improperly validates local client impersonation levels in some cases. Description: This vulnerability can only be exploited by a user...
Apple OS X El Capitan CoreStorage Arbitrary Code Execution Vulnerability
Apple OS X El Capitan is an operating system on Apple devices. A security vulnerability in Apple OS X El CoreStorage allows attackers to exploit the vulnerability to execute arbitrary code with kernel privileges...
ASUS Memory Mapping Driver (ASMMAP/ASMMAP64) - Physical Memory Read/Write
Exploit for windows platform in category dos / poc / Source: http://rol.im/asux/ ASUS Memory Mapping Driver ASMMAP/ASMMAP64: Physical Memory Read/Write PoC by slipstream/RoL - https://twitter.com/TheWack0lian - http://rol.im/chat/ The ASUS "Generic Function Service" includes a couple of drivers,...
Apple OS X Bluetooth Component Memory Corruption Vulnerability
Apple OS X is a specialized operating system developed by Apple for Mac computers.Bluetooth is one of the Bluetooth components. A security vulnerability exists in the Bluetooth component of Apple OS X versions prior to 10.11.4. The vulnerability can be exploited by an attacker with a specially...
Android Widevine Trusted Application Information Disclosure Vulnerability
Android is a Linux-based open source operating system developed by Google and the Open Handheld Alliance OHA, and the Widevine Trusted Application is one of the components used to validate the Google DRM platform. A security vulnerability exists in Widevine Trusted Application in version 6.0.1 of...
CVE-2016-0825
The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039...
CVE-2016-0825
The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039...
Design/Logic Flaw
The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039...
CVE-2016-0825
The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039...
UBUNTU-CVE-2016-0825
The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039...
CVE-2016-0825
The CVE-2016-0825 issue concerns the Widevine Trusted Application on Android 6.0.1 before 2016-03-01. According to the sources, an attacker with kernel access could disclose TrustZone secure-storage information, demonstrated by obtaining Signature or SignatureOrSystem permissions. The vulnerabili...
CVE-2016-0825
The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039...
Caution Urged over Patched Windows USB Driver Flaw
USB-related vulnerabilities make people nervous; you need look no further than Stuxnet and BadUSB to see the dangers associated with infected portable storage devices and peripherals. Yesterday, Microsoft patched a flaw in the Windows USB Mass Storage Class Driver that could put some people on...
The vulnerability of the Android operating system allows a perpetrator to obtain confidential information and bypass security mechanisms.
The vulnerability of the Android operating system’s kernel is related to deficiencies in access control for certain functions. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information or bypass security mechanisms...
Apple iO Disk Image Processing Information Disclosure Vulnerability
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. Apple iOS suffers from a security vulnerability in the handling of disk files that allows attackers to build malicious applications and gain access to the kernel layout...
Windows XP Zero Day Tied To Reader Flaw, Exploited in Wild
If your organization needed more incentive to move off Windows XP, a new zero-day vulnerability made public recently may be it. The bug, which is being exploited in the wild, allows local privilege escalation and kernel access. But in the bigger picture, it’s another indicator that attackers migh...
PT-2013-4224 · Microsoft · Windows Xp +8
Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 version SP1 Microsoft Windows 8 Microsof...
kernel: sysctl: restrict write access to dmesg_restrict
The sysrqsysctlhandler function in kernel/sysctl.c in the Linux kernel before 2.6.39 does not require the CAPSYSADMIN capability to modify the dmesgrestrict value, which allows local users to bypass intended access restrictions and read the kernel ring buffer by leveraging root privileges, as...
Information disclosure by setuid mount.cifs
Description The mount.cifs program allows a user to pass in the name of a credentials file or a file containing a password via several different means. When installed as a setuid program, it does not check to see whether the user would have had access to this file prior to gaining root privileges...
CVE-2002-2016
User-mode Linux UML 2.4.17-8 does not restrict access to kernel address space, which allows local users to execute arbitrary code...