Microsoft Windows Kernel KMD Security Feature CVE-2015-2454 Local Security Bypass Vulnerability

Description Microsoft Windows is prone to a local security-bypass vulnerability. Local attackers can exploit this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Successful exploits may lead to other attacks...

My Contacts Backup Pro 2.0.1 Command Injection / XSS

Document Title: =============== My Contacts Backup Pro 2.0.1 IOS - Command Inject Vulnerability & Cross Site Scripting Credits & Authors: ================== TaurusOmar - @TaurusOmar [email protected] taurusomar.blogspot.com Release Date: ============= 2015-08-11 Product & Service Introductio...

Device Inspector v1.5 iOS - Command Inject Vulnerabilities

Document Title: =============== Device Inspector v1.5 iOS - Command Inject Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1558 Release Date: ============= 2015-08-07 Vulnerability Laboratory ID VL-ID: ====================================...

Linux kernel 'security/keys/keyring.c' local denial of service vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local denial of service vulnerability exists in Linux kernel. A local attacker could exploit this vulnerability to consume available memory and cause a denial of service...

Libuser Library - Multiple Vulnerabilities

Qualys Security Advisory CVE-2015-3245 userhelper chfn newline filtering CVE-2015-3246 libuser passwd file handling -- Summary ----------------------------------------------------------------- The libuser library implements a standardized interface for manipulating and administering user and grou...

Oracle Berkeley DB Local Arbitrary Code Execution Vulnerability (CNVD-2015-04781)

Oracle Berkeley DB is the industry's leading open source, embeddable storage engine that provides developers with a fast, reliable native database that requires no administration. A security vulnerability exists in the Oracle Berkeley DB Data Store component that can be exploited by a local...

Oracle Berkeley DB Local Arbitrary Code Execution Vulnerability (CNVD-2015-04769)

Oracle Berkeley DB is the industry-leading open source, embeddable storage engine that provides developers with a fast, reliable native database that requires no administration. A security vulnerability exists in the Oracle Berkeley DB Data Store component that can be exploited by a local attacke...

Oracle Berkeley DB Local Arbitrary Code Execution Vulnerability (CNVD-2015-04766)

Oracle Berkeley DB is the industry's leading open source, embeddable storage engine that provides developers with a fast, reliable native database that requires no administration. A security vulnerability exists in the Oracle Berkeley DB Data Store component that can be exploited by a local...

Oracle Berkeley DB Local Arbitrary Code Execution Vulnerability (CNVD-2015-04765)

Oracle Berkeley DB is the industry's leading open source, embeddable storage engine that provides developers with a fast, reliable native database that requires no administration. A security vulnerability exists in the Oracle Berkeley DB Data Store component that can be exploited by a local...

Blueberry Express 5.9.0.3678 - Local Buffer Overflow (SEH)

Blueberry Express 5.9.0.3678 - Local Buffer Overflow SEH Document Title: =============== Blueberry Express v5.9.x - SEH Buffer Overflow Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1535 Video:...

FCS Scanner 1.0 / 1.4 Command Injection

Document Title: =============== FCS Scanner v1.0 & v1.4 - Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1538 Release Date: ============= 2015-06-30 Vulnerability Laboratory ID VL-ID: ==================================== 153...

CA Common Services Local Elevation of Privilege Vulnerability

CA is a leading global provider of IT management software and solutions, with products and technologies that span the full spectrum of IT environments, from mainframes to distributed systems, from virtualization to the cloud. CA Common Services has a security issue with the handling of environmen...

1 Click Extract Audio v2.3.6 - Activex Buffer Overflow

Document Title: =============== 1 Click Extract Audio v2.3.6 - Activex Buffer Overflow References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1506 Video: http://www.vulnerability-lab.com/getcontent.php?id=1507 Release Date: ============= 2015-06-05 Vulnerabilit...

Cisco Unified Communications Manager root Shell Access Local Privilege Escalation Vulnerability

A vulnerability in the local read file of the Cisco Unified Communications Manager could allow an authenticated, local attacker to execute commands and obtain an interactive Linux shell as the root user if the attacker has already obtained sensitive information from the system. The vulnerability ...

Ubuntu: Security Advisory (USN-2599-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the nvidia-kernel-legacy-2.6-k7 package for the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by malicious individuals locally...

Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The Linux-image-iop32x package of the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by local malicious...

The vulnerability of the Red Hat Enterprise Linux operating system allows attackers to compromise the confidentiality and accessibility of protected information.

The vulnerability of the systemtap-testsuite-1.6 package of the Red Hat Enterprise Linux operating system can lead to a violation of the confidentiality and accessibility of protected information. This vulnerability can be exploited locally...

The vulnerability of the CentOS operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the sblim-cmpi-fsvol-test-1.4.4 package of the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploiting this vulnerability can be carried out locally...

The vulnerability of the Red Hat Linux operating system, which allows a malicious individual to compromise the confidentiality of protected information

The vulnerability of the glibc-devel-2.2 package in the Red Hat Linux operating system can lead to a violation of the confidentiality of protected information. This vulnerability can be exploited locally...