Lucene search
+L

147 matches found

Lenovo
Lenovo
added 2016/06/27 12:0 a.m.50 views

NVIDIA Windows Privilege Delegation Escalation

Lenovo Security Advisory: LEN-2015-008 Potential Impact: Escalation of Privilege Severity: Medium Summary: The NVIDIA Display Driver’s kernel administrator check improperly validates local client impersonation levels in some cases. Description: This vulnerability can only be exploited by a user...

7.2CVSS6.1AI score0.0039EPSS
Exploits0
CNVD
CNVD
added 2016/05/22 12:0 a.m.7 views

Apple OS X El Capitan CoreStorage Arbitrary Code Execution Vulnerability

Apple OS X El Capitan is an operating system on Apple devices. A security vulnerability in Apple OS X El CoreStorage allows attackers to exploit the vulnerability to execute arbitrary code with kernel privileges...

9.3CVSS7.6AI score0.01288EPSS
Exploits0References1
0day.today
0day.today
added 2016/05/09 12:0 a.m.49 views

ASUS Memory Mapping Driver (ASMMAP/ASMMAP64) - Physical Memory Read/Write

Exploit for windows platform in category dos / poc / Source: http://rol.im/asux/ ASUS Memory Mapping Driver ASMMAP/ASMMAP64: Physical Memory Read/Write PoC by slipstream/RoL - https://twitter.com/TheWack0lian - http://rol.im/chat/ The ASUS "Generic Function Service" includes a couple of drivers,...

7AI score
Exploits0
CNVD
CNVD
added 2016/03/24 12:0 a.m.5 views

Apple OS X Bluetooth Component Memory Corruption Vulnerability

Apple OS X is a specialized operating system developed by Apple for Mac computers.Bluetooth is one of the Bluetooth components. A security vulnerability exists in the Bluetooth component of Apple OS X versions prior to 10.11.4. The vulnerability can be exploited by an attacker with a specially...

9.3CVSS7.5AI score0.01288EPSS
Exploits0References1
CNVD
CNVD
added 2016/03/14 12:0 a.m.4 views

Android Widevine Trusted Application Information Disclosure Vulnerability

Android is a Linux-based open source operating system developed by Google and the Open Handheld Alliance OHA, and the Widevine Trusted Application is one of the components used to validate the Google DRM platform. A security vulnerability exists in Widevine Trusted Application in version 6.0.1 of...

5.3CVSS6.3AI score0.00486EPSS
Exploits0References1
NVD
NVD
added 2016/03/12 9:59 p.m.22 views

CVE-2016-0825

The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039...

5.3CVSS4.9AI score0.00486EPSS
Exploits0References2
OSV
OSV
added 2016/03/12 9:59 p.m.3 views

CVE-2016-0825

The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039...

5.3CVSS5.8AI score0.00486EPSS
Exploits0References2
Prion
Prion
added 2016/03/12 9:59 p.m.15 views

Design/Logic Flaw

The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039...

5CVSS6.5AI score0.00486EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2016/03/12 9:59 p.m.26 views

CVE-2016-0825

The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039...

5.3CVSS6.5AI score0.00486EPSS
Exploits0References2
OSV
OSV
added 2016/03/12 9:59 p.m.4 views

UBUNTU-CVE-2016-0825

The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039...

5.3CVSS7.3AI score0.00486EPSS
Exploits0References3
CVE
CVE
added 2016/03/12 9:0 p.m.73 views

CVE-2016-0825

The CVE-2016-0825 issue concerns the Widevine Trusted Application on Android 6.0.1 before 2016-03-01. According to the sources, an attacker with kernel access could disclose TrustZone secure-storage information, demonstrated by obtaining Signature or SignatureOrSystem permissions. The vulnerabili...

5.3CVSS5.4AI score0.00486EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2016/03/12 9:0 p.m.22 views

CVE-2016-0825

The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039...

5.2AI score0.00486EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2016/03/09 2:7 p.m.40 views

Caution Urged over Patched Windows USB Driver Flaw

USB-related vulnerabilities make people nervous; you need look no further than Stuxnet and BadUSB to see the dangers associated with infected portable storage devices and peripherals. Yesterday, Microsoft patched a flaw in the Windows USB Mass Storage Class Driver that could put some people on...

9.3CVSS0.1AI score0.99945EPSS
Exploits33References6
BDU FSTEC
BDU FSTEC
added 2016/01/19 12:0 a.m.7 views

The vulnerability of the Android operating system allows a perpetrator to obtain confidential information and bypass security mechanisms.

The vulnerability of the Android operating system’s kernel is related to deficiencies in access control for certain functions. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information or bypass security mechanisms...

7.8CVSS7.8AI score0.00715EPSS
Exploits0References2
CNVD
CNVD
added 2015/07/07 12:0 a.m.5 views

Apple iO Disk Image Processing Information Disclosure Vulnerability

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. Apple iOS suffers from a security vulnerability in the handling of disk files that allows attackers to build malicious applications and gain access to the kernel layout...

4.3CVSS6.6AI score0.01449EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2013/12/02 10:43 a.m.13 views

Windows XP Zero Day Tied To Reader Flaw, Exploited in Wild

If your organization needed more incentive to move off Windows XP, a new zero-day vulnerability made public recently may be it. The bug, which is being exploited in the wild, allows local privilege escalation and kernel access. But in the bigger picture, it’s another indicator that attackers migh...

0.6AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2013/10/09 12:0 a.m.7 views

PT-2013-4224 · Microsoft · Windows Xp +8

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 version SP1 Microsoft Windows 8 Microsof...

7.2CVSS7.2AI score0.05441EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2012/04/17 6:54 p.m.5 views

kernel: sysctl: restrict write access to dmesg_restrict

The sysrqsysctlhandler function in kernel/sysctl.c in the Linux kernel before 2.6.39 does not require the CAPSYSADMIN capability to modify the dmesgrestrict value, which allows local users to bypass intended access restrictions and read the kernel ring buffer by leveraging root privileges, as...

4CVSS5.9AI score0.00349EPSS
Exploits0References4
Samba
Samba
added 2009/10/01 12:0 a.m.82 views

Information disclosure by setuid mount.cifs

Description The mount.cifs program allows a user to pass in the name of a credentials file or a file containing a password via several different means. When installed as a setuid program, it does not check to see whether the user would have had access to this file prior to gaining root privileges...

1.9CVSS0.5AI score0.0052EPSS
Exploits1
Cvelist
Cvelist
added 2005/07/14 4:0 a.m.17 views

CVE-2002-2016

User-mode Linux UML 2.4.17-8 does not restrict access to kernel address space, which allows local users to execute arbitrary code...

6.9AI score0.01144EPSS
Exploits1References3
Rows per page
Query Builder