Google Android 资源管理错误漏洞

Google Android is a Linux-based open source operating system of the Google Open Handheld Consortium Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from a memory corruption in the memory management driver due to reuse after release. An attacker...

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from the Google Open Handheld Alliance Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability is caused due to an out-of-bounds write in the memory management driver due to a lack of boundary...

Google Android 安全漏洞

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the Framework component of Google Android version 11, which can be exploited by an attacker to cause a local...

Google Android 安全漏洞

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the System component of Google Android versions 8.1, 9, 10, and 11, which can be exploited by an attacker to cause...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the Google Open Handheld Consortium Google. An elevation of privilege vulnerability exists in Google Android EmergencyCallbackModeExitDialog.java. An attacker can exploit this vulnerability to cause a local elevation of privilege...

CVE-2019-25034

Unbound before 1.9.5 allows an integer overflow in sldnsstr2wirednamebuforigin, leading to an out-of-bounds write. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...

UBUNTU-CVE-2019-25036

Unbound before 1.9.5 allows an assertion failure and denial of service in synthcname. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...

UBUNTU-CVE-2021-21147

Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

DEBIAN-CVE-2021-26826

A stack overflow issue exists in Godot Engine up to v3.2 and is caused by improper boundary checks when loading .TGA image files. Depending on the context of the application, attack vector can be local or remote, and can lead to code execution and/or system crash...

Type confusion

In RT regmap driver, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05453809...

Google Android 代码问题漏洞

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the Framework component of Google Android 8.1, 9, and 10. An attacker could exploit this vulnerability to cause a...

Boxoft Convert Master 1.3.0 - (wav) SEH Local Exploit

Exploit Title: Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/convert-master/setupboxoft-conver=t-master.exe Exploit Author: Achilles Tested Version: 1.3.0 Tested on: Windows 7 x64 1.- Run python code...

Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit

Exploit Title: Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit Date: 17.09.2020 Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/convert-master/setupboxoft-conver=t-master.exe Exploit Author: Achilles Tested Version: 1.3.0 Tested on: Windows 7 x64 1.- Run python...

kernel: referencing inode of removed superblock in get_futex_key() causes UAF

A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as...

ASB-A-159060474

In updateNotification of BeamTransferManager.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local non-security issue with User execution privileges needed. User interaction is not needed for exploitation...

Google Android Resource Management Error Vulnerability (CNVD-2020-59732)

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. Android Pixel suffers from a security vulnerability that stems from a memory error caused by the Catpipe library. An attacker can exploit the vulnerability to perform privilege escalation locally...

Blueman Injection Vulnerability

Blueman is a graphical Bluetooth management tool for the GNOME desktop environment from the Blueman team. The main functions are: sending files, browsing files on the device, viewing information about local or remote devices, configuring local devices, managing bindings, binding services, etc...

Guild Wars 2 - Insecure Folder Permissions

Exploit Title: Guild Wars 2 - Insecure Folder Permissions Date: 2020-10-09 Exploit Author: George Tsimpidas Software Link : https://account.arena.net/welcome Version Build : 106915 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Category: local Vulnerability Description: Guild War...

UBUNTU-CVE-2020-26880

Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file which is owned by sympa and parsing it through the setuid sympanewaliases-wrapper executable...

kernel: possible to send arbitrary signals to a privileged (suidroot) parent process

A flaw was found in the Linux kernel loose validation of child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process...