Disk Sorter Enterprise 9.5.12 - Local Buffer Overflow

Disk Sorter Enterprise 9.5.12 - Local Buffer Overflow + Title: Disk Sorter Server v9.5.12 - Local Stack-based buffer overflow + Credits / Discovery: Nassim Asrir + Author Email: [email protected] || https://www.linkedin.com/in/nassim-asrir-b73a57122/ + Author Company: Henceforth + CVE: N/A Vendo...

EMC Replication Manager < 5.3 - Command Execution (Metasploit)

EMC Replication Manager 5.3 - Command Execution Metasploit. CVE-2011-0647. Local exploit for Windows platform...

kernel: Use after free in SCSI generic device interface (CVE-2016-9576 regression)

It was found that the fix for CVE-2016-9576 was incomplete: the Linux kernel's sg implementation did not properly restrict write operations in situations where the KERNELDS option is set. A local attacker to read or write to arbitrary kernel memory locations or cause a denial of service...

Netpbm Null Pointer Reference Local Denial of Service Vulnerability

netpbm is a tool for graphics conversion. Netpbm suffers from a local denial of service vulnerability. An attacker can exploit this vulnerability to cause a denial of service...

CVE-2017-0337

CVE-2017-0337 describes a local privilege-escalation in the NVIDIA GPU driver affecting Android on Kernel-3.18. The vulnerability could let a local malicious process execute code in kernel context, potentially enabling a permanent device compromise that might require a OS reflashing to repair. Th...

CVE-2017-0509

CVE-2017-0509 is an elevation-of-privilege in the Broadcom Wi‑Fi driver that could let a local malicious app execute arbitrary code in the kernel. Affected product: Android. Root cause: Broadcom Wi‑Fi driver vulnerability enabling local code execution with no privileges required and user interact...

CVE-2016-10151

CVE-2016-10151 is tied to the Hesiod 3.2.1 package. The vulnerability arises in the hesiod_init function in lib/hesiod.c, which compares the effective user ID (EUID) with the real UID to decide whether to load configurations from environment variables. This logic can enable local users to elevate...

CVE-2017-0507

An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing th...

The vulnerability of the AIX operating system, which allows a perpetrator to increase their privileges

The vulnerability of the AIX operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious individual to enhance their privileges locally...

Linux Kernel 'drivers/infiniband/sw/rxe/rxe_mr.c' Local Integer Overflow Vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. Linux Kernel suffers from a local integer overflow vulnerability. A local attacker can exploit this vulnerability to execute arbitrary code in the context of an affected...

CVE-2016-8481

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

UBUNTU-CVE-2017-0428

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

UBUNTU-CVE-2017-0434

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset. This issue is rated as High because it first requires compromising a privileged process. Product: Android...

Netgear Routers - Password Disclosure Vulnerabilities

Exploit for hardware platform in category web applications Trustwave SpiderLabs Security Advisory TWSL2017-003: Multiple Vulnerabilities in NETGEAR Routers Published: 01/30/2017 Version: 1.0 Vendor: NETGEAR http://www.netgear.com/ Product: Multiple products Finding 1: Remote and Local Password...

DEBIAN-CVE-2016-10013

Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation...

Design/Logic Flaw

Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables...

PT-2017-2021 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.9.7 Description: The issue is caused by an integer overflow in the vc4 get bcl function of the VideoCore DRM driver. This can be exploited by a local attacker using a specially crafted VC4 SUBMIT CL ioctl call...

CVE-2016-8426

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

KLA11171 OSI vulnerability in Adobe Flash Player

Out-of-bounds read vulnerability in Adobe Flash Player can be exploited locally to obtain sensitive information. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, install latest updates from Control Panel Original advisories APSB18-01 Exploitati...

KLA10947 Denial of service vulnerability in Kaspersky products

Vulnerability was found in window broadcast message handling functionality of Kaspersky products. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited locally via a specially designed unhandled window messages, which cause termination...