4827 matches found
Multiple Apple products libarchive component rewrite vulnerability
Apple iOS, watchOS, macOS, and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices; watchOS is a smartwatch operating system. libarchive is a multi-format archive and compression library component. A security vulnerability exists in the libarchive compone...
Huawei Smart Phone P9 Wi-FI Driver Local Buffer Overflow Vulnerability
Huawei Smart Phone P9 is a smartphone from Chinese company Huawei.Wifi Driver is its wireless card driver. A local buffer overflow vulnerability exists in versions prior to Huawei Smart Phone P9 EVA-AL10C00B352. A local attacker can exploit this vulnerability to run arbitrary code, elevate...
Viscosity OpenVPN 2.3 Privilege Escalation Vulnerability
Viscosity Open VPN version 2.3 suffers from an unquoted service path local privilege escalation vulnerability. Title : Viscosity Open VPN 2.3 Privilege Escalation Author : Ajay Gowtham aka AJOXR Tested on : Windows 10 Latest version x64 bit Software :...
CVE-2016-6720
An information disclosure vulnerability in libstagefright in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to access data outside of its permission levels. This issue is...
Viscosity Open VPN 2.3 Privilege Escalation
Title : Viscosity Open VPN 2.3 Privilege Escalation Date : 28/11/2016 Author : Ajay Gowtham aka AJOXR Tested on : Windows 10 Latest version x64 bit Software : https://www.sparklabs.com/downloads/Viscosity%20Installer.exe Vulnerability Description: When the Viscosity VPN software is installed a...
SA134 : Linux Kernel Vulnerabilities Oct/Nov 2016
SUMMARY Blue Coat products that include a vulnerable version of the Linux kernel are susceptible to several vulnerabilities. A remote attacker, with access to the management interface, can exploit these vulnerabilities to cause denial of service through system crashes or have unspecified other...
CVE-2016-3904
An elevation of privilege vulnerability in the Qualcomm bus driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android I...
UBUNTU-CVE-2016-3907
An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as...
UBUNTU-CVE-2016-6745
An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process...
UBUNTU-CVE-2016-6736
An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which...
Koken 0.22.7 / 0.22.11 Cross Site Scripting
| \ | | / | | | | | | | | | | | | ' \ / \ \ / / | | | | || | | | | | | / |/ ,|| ||// || Document Title: =============== Koken 0.22.7 & 0.22.11 Multiple Web Vulnerabilities Credits & Authors: ================== TaurusOmar - @TaurusOmar [email protected] taurusomar.buhosec.com Release...
SUSE-SU-2016:2872-1 Security update for bash
This update for bash fixes the following issues: - CVE-2016-7543: Local attackers could have executed arbitrary commands via specially crafted SHELLOPTS+PS4 variables bsc1001299 - CVE-2016-0634: Malicious hostnames could have allowed arbitrary command execution when $HOSTNAME was expanded in the...
DEBIAN-CVE-2015-8962
Double free vulnerability in the sgcommonwrite function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service memory corruption and system crash by detaching a device during an SGIO ioctl call...
Reason Core Security 1.1.2 Privilege Escalation Vulnerability
Reason Core Security version 1.1.2 suffers from an unquoted service path privilege escalation vulnerability. ===================================================== Exploit Title : Reason Core Security - Unquoted Service Path Privilege Escalation Affected Products: Reason Core Security v1.1.2 -...
Microsoft VHD Driver Elevation of Privilege Vulnerability (CNVD-2016-11025)
Microsoft Windows is a family of operating systems released by Microsoft Corporation in the U.S. Windows VHD is a virtual hard disk driver. An elevation of privilege vulnerability exists in the Microsoft VHD driver. When the Windows Virtual Hard Disk Driver fails to properly handle user access to...
MS16-134: Description of the security update for common log file system driver: November 8, 2016
MS16-134: Description of the security update for common log file system driver: November 8, 2016 Summary This security update resolves vulnerabilities in Microsoft Windows. The vulnerability could allow elevation of privilege when the Windows Common Log File System CLFS driver improperly handles...
Oracle MySQL 5.6.x < 5.6.34 Multiple Vulnerabilities
Binary data 9748.prm...
Oracle MySQL 5.7.x < 5.7.16 Multiple Vulnerabilities
Binary data 9749.prm...
NVIDIA Windows GPU Display Driver Local Elevation of Privilege Vulnerability (CNVD-2016-10535)
NVIDIA NVIDIA Corporation, NASDAQ: NVDA, official Chinese name NVIDIA is a fabless IC semiconductor company that designs smart-core chipsets.The NVIDIA GPU Display Driver is a driver developed by the company for its GPUs. A local elevation of privilege vulnerability exists in NVIDIA GPU Display...
Windows Kernel Local Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Kernel API improperly allows a user to access sensitive registry information. An attacker who successfully exploited the vulnerability could gain access to user account information that is not intended for the user. A locally...