CVE-2017-6459

The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes...

Disk Sorter Enterprise 9.5.12 - Local Buffer Overflow

Disk Sorter Enterprise 9.5.12 - Local Buffer Overflow + Title: Disk Sorter Server v9.5.12 - Local Stack-based buffer overflow + Credits / Discovery: Nassim Asrir + Author Email: [email protected] || https://www.linkedin.com/in/nassim-asrir-b73a57122/ + Author Company: Henceforth + CVE: N/A Vendo...

EMC Replication Manager < 5.3 - Command Execution (Metasploit)

EMC Replication Manager 5.3 - Command Execution Metasploit. CVE-2011-0647. Local exploit for Windows platform...

kernel: Use after free in SCSI generic device interface (CVE-2016-9576 regression)

It was found that the fix for CVE-2016-9576 was incomplete: the Linux kernel's sg implementation did not properly restrict write operations in situations where the KERNELDS option is set. A local attacker to read or write to arbitrary kernel memory locations or cause a denial of service...

Netpbm Null Pointer Reference Local Denial of Service Vulnerability

netpbm is a tool for graphics conversion. Netpbm suffers from a local denial of service vulnerability. An attacker can exploit this vulnerability to cause a denial of service...

CVE-2017-0509

CVE-2017-0509 is an elevation-of-privilege in the Broadcom Wi‑Fi driver that could let a local malicious app execute arbitrary code in the kernel. Affected product: Android. Root cause: Broadcom Wi‑Fi driver vulnerability enabling local code execution with no privileges required and user interact...

CVE-2017-0337

CVE-2017-0337 describes a local privilege-escalation in the NVIDIA GPU driver affecting Android on Kernel-3.18. The vulnerability could let a local malicious process execute code in kernel context, potentially enabling a permanent device compromise that might require a OS reflashing to repair. Th...

CVE-2016-10151

CVE-2016-10151 is tied to the Hesiod 3.2.1 package. The vulnerability arises in the hesiod_init function in lib/hesiod.c, which compares the effective user ID (EUID) with the real UID to decide whether to load configurations from environment variables. This logic can enable local users to elevate...

CVE-2017-0507

An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing th...

Linux Kernel 'drivers/infiniband/sw/rxe/rxe_mr.c' Local Integer Overflow Vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. Linux Kernel suffers from a local integer overflow vulnerability. A local attacker can exploit this vulnerability to execute arbitrary code in the context of an affected...

The vulnerability of the AIX operating system, which allows a perpetrator to increase their privileges

The vulnerability of the AIX operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious individual to enhance their privileges locally...

CVE-2016-8481

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

UBUNTU-CVE-2017-0428

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

UBUNTU-CVE-2017-0434

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset. This issue is rated as High because it first requires compromising a privileged process. Product: Android...

Netgear Routers - Password Disclosure Vulnerabilities

Exploit for hardware platform in category web applications Trustwave SpiderLabs Security Advisory TWSL2017-003: Multiple Vulnerabilities in NETGEAR Routers Published: 01/30/2017 Version: 1.0 Vendor: NETGEAR http://www.netgear.com/ Product: Multiple products Finding 1: Remote and Local Password...

DEBIAN-CVE-2016-10013

Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation...

Design/Logic Flaw

Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables...

PT-2017-2021 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.9.7 Description: The issue is caused by an integer overflow in the vc4 get bcl function of the VideoCore DRM driver. This can be exploited by a local attacker using a specially crafted VC4 SUBMIT CL ioctl call...

CVE-2016-8426

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

KLA11171 OSI vulnerability in Adobe Flash Player

Out-of-bounds read vulnerability in Adobe Flash Player can be exploited locally to obtain sensitive information. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, install latest updates from Control Panel Original advisories APSB18-01 Exploitati...