23 matches found
CVE-2026-40572
NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 MemoryMapRange allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions, including critical...
CVE-2026-40572 NovumOS has Arbitrary Memory Mapping via Syscall 15 (MemoryMapRange)
NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 MemoryMapRange allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions, including critical...
CVE-2026-40572 NovumOS has Arbitrary Memory Mapping via Syscall 15 (MemoryMapRange)
NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 MemoryMapRange allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions, including critical...
CVE-2026-40572
NovumOS vulnerability CVE-2026-40572: In versions prior to 0.24, Syscall 15 (MemoryMapRange) lets Ring-3 user processes map arbitrary virtual ranges into their address space without validating against forbidden regions, including kernel structures (IDT, GDT, TSS, page tables). This can allow a lo...
PT-2026-33549
Name of the Vulnerable Software and Affected Versions NovumOS versions prior to 0.24 Description Syscall 15 'MemoryMapRange' allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions. This includes critical kern...
CVE-2026-29923
The pstrip64.sys driver in EnTech Taiwan PowerStrip =3.90.736 allows local users to escalate privileges to SYSTEM via a crafted IOCTL request enabling unprivileged users to map arbitrary physical memory into their address space and modify critical kernel structures...
CVE-2026-29923
The pstrip64.sys driver in EnTech Taiwan PowerStrip =3.90.736 allows local users to escalate privileges to SYSTEM via a crafted IOCTL request enabling unprivileged users to map arbitrary physical memory into their address space and modify critical kernel structures...
CVE-2026-29923
The pstrip64.sys driver in EnTech Taiwan PowerStrip =3.90.736 allows local users to escalate privileges to SYSTEM via a crafted IOCTL request enabling unprivileged users to map arbitrary physical memory into their address space and modify critical kernel structures...
PT-2026-31701
Name of the Vulnerable Software and Affected Versions EnTech Taiwan PowerStrip versions up to and including 3.90.736 Description The pstrip64.sys driver in EnTech Taiwan PowerStrip allows local users to escalate privileges to SYSTEM via a crafted IOCTL request. This enables unprivileged users to...
CVE-2026-29923
The CVE relates to EnTech Taiwan PowerStrip ≤ 3.90.736 where the pstrip64.sys kernel driver exposes IOCTL 0x80002008 that, without proper checks, maps arbitrary physical memory into an unprivileged process via \Device\PhysicalMemory/ZwMapViewOfSection. This creates an unrestricted physical memory...
FreeBSD ktrace 安全漏洞
FreeBSD ktrace is a tool from the FreeBSD Foundation for tracing system calls. An information disclosure vulnerability exists in FreeBSD ktrace due to a flaw in the ktrace facility. An attacker can exploit the vulnerability to obtain the contents of kernel structure information...
Linux Kernel 2.6.34+ - CAP_SYS_ADMIN x86 & x64 Local Privilege Escalation Exploit (2)
No description provided by source. / Linux Kernel CAPSYSADMIN to Root Exploit 2 32 and 64-bit by Joe Sylve @jtsylve on twitter Released: Jan 7, 2011 Based on the bug found by Dan Rosenberg @djrbliss only loosly based on his exploit http://www.exploit-db.com/exploits/15916/ Usage: gcc -w...
APPLE-SA-2013-03-19-2 Apple TV 5.2.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-03-19-2 Apple TV 5.2.1 Apple TV 5.2.1 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: A local user may be able to execute unsigned code Description: A state management issue...
Linux Kernel 2.6.34 (Ubuntu 10.10 x86x64) - CAP_SYS_ADMIN Local Privilege Escalation (2)
Linux Kernel 2.6.34 Ubuntu 10.10 x86x64 - CAPSYSADMIN Local Privilege Escalation 2 / Linux Kernel CAPSYSADMIN to Root Exploit 2 32 and 64-bit by Joe Sylve @jtsylve on twitter Released: Jan 7, 2011 Based on the bug found by Dan Rosenberg @djrbliss only loosly based on his exploit...
Windows GDI Privilege Elevation
Added: 05/25/2009 CVE: CVE-2006-5758 BID: 20940 OSVDB: 30214 Background The Graphics Rendering Engine in Microsoft Windows 2000 and Windows XP maps GDI Kernel structures on a global shared memory section that is created with insecure permissions. Problem Users with local access can remap the shar...
Windows GDI Privilege Elevation
Added: 05/25/2009 CVE: CVE-2006-5758 BID: 20940 OSVDB: 30214 Background The Graphics Rendering Engine in Microsoft Windows 2000 and Windows XP maps GDI Kernel structures on a global shared memory section that is created with insecure permissions. Problem Users with local access can remap the shar...
Windows GDI Privilege Elevation
Added: 05/25/2009 CVE: CVE-2006-5758 BID: 20940 OSVDB: 30214 Background The Graphics Rendering Engine in Microsoft Windows 2000 and Windows XP maps GDI Kernel structures on a global shared memory section that is created with insecure permissions. Problem Users with local access can remap the shar...
CVE-2007-0686
The Intel 2200BG 802.11 Wireless Mini-PCI driver 9.0.3.9 w29n51.sys allows remote attackers to cause a denial of service system crash via crafted disassociation packets, which triggers memory corruption of "internal kernel structures," a different vulnerability than CVE-2006-6651. NOTE: this issu...
Memory corruption
The Intel 2200BG 802.11 Wireless Mini-PCI driver 9.0.3.9 w29n51.sys allows remote attackers to cause a denial of service system crash via crafted disassociation packets, which triggers memory corruption of "internal kernel structures," a different vulnerability than CVE-2006-6651. NOTE: this issu...
CVE-2007-0686
The CVE-2007-0686 entry concerns the Intel 2200BG wireless driver (W29N51.SYS) version 9.0.3.9. It describes a vulnerability where remote attackers can trigger memory corruption in internal kernel structures by sending crafted disassociation packets, causing a denial of service (system crash). Th...