4827 matches found
X.org Privilege Escalation / Use-After-Free / Weak Entropy Vulnerabilities
Exploit for windows platform in category local exploits Multiple Vulnerabilities in X.org ================================= Overview -------- Vendor: X.org/Freedesktop.org Vendor URL: https://www.x.org/wiki/ Credit: X41 D-Sec GmbH, Eric Sesterhenn Advisory-URL:...
X.org Privilege Escalation / Use-After-Free / Weak Entropy
X41 D-Sec GmbH Security Advisory: X41-2017-001 Multiple Vulnerabilities in X.org ================================= Overview -------- Vendor: X.org/Freedesktop.org Vendor URL: https://www.x.org/wiki/ Credit: X41 D-Sec GmbH, Eric Sesterhenn Advisory-URL:...
SUSE-SU-2017:0495-1 Security update for openssl1
This update for openssl1 fixes the following issues contained in the OpenSSL Security Advisory 26 Jan 2017 bsc1021641 Security issues fixed: - CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed key recovery was fixed bsc1019334 - CVE-2016-8610: A remote denial of service in...
Oracle GlassFish Server 2.1.1.x < 2.1.1.30 / 3.0.1.x < 3.0.1.15 / 3.1.2.x < 3.1.2.16 Multiple Vulnerabilities (January 2017 CPU)
Binary data 9947.prm...
CVE-2017-0428
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
CVE-2017-0417
An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally...
CVE-2017-0414
An information disclosure vulnerability in AOSP Messaging could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application does...
CVE-2017-0410
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally...
UBUNTU-CVE-2017-0432
An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10...
DEBIAN-CVE-2017-5546
The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service duplicate freelist entries and system crash or possibly have unspecified other impact in opportunistic circumstances by leveraging the selection of a...
EMC Data Domain OS Local Command Injection Vulnerability (ESA-2016-160)
EMC Data Domain OS is prone to a local command injection vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-0395
An elevation of privilege vulnerability in Contacts could enable a local malicious application to silently create contact information. This issue is rated as Moderate because it is a local bypass of user interaction requirements access to functionality that would normally require either user...
CVE-2016-8449
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10...
CVE-2016-8450
An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...
CVE-2016-8464
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current...
CVE-2016-8407
An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising ...
PT-2017-1211
Name of the Vulnerable Software and Affected Versions MediaTek driver versions affected versions not specified Description The issue is related to insufficient access control in the MT6573FDVT SetRegHW function of the camera fdvt.c driver for the MediaTek application in the Android operating...
UBUNTU-CVE-2016-8399
An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler...
Boxoft Wav v1.1.0.0 - Buffer Overflow Vulnerability
Document Title: =============== Boxoft Wav v1.1.0.0 - Buffer Overflow Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2027 Release Date: ============= 2017-01-09 Vulnerability Laboratory ID VL-ID: ==================================== 2027...
UBUNTU-CVE-2016-10010
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c...