Lucene search
K

128 matches found

ATTACKERKB
ATTACKERKB
added 2020/02/07 11:15 p.m.4 views

CVE-2020-8808

The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users including low-integrity level processes to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call...

7.8CVSS5.4AI score0.00585EPSS
Exploits0References3
CNVD
CNVD
added 2019/12/27 12:0 a.m.2 views

Multiple Apple Products Kernel Component Out-of-Bounds Read Vulnerability

Apple iOS is an operating system developed for mobile devices.Apple tvOS is a smart TV operating system.Apple watchOS is a smart watch operating system.Kernel is one of the kernel components. An out-of-bounds read vulnerability exists in the Kernel component in multiple Apple products. The...

7.1CVSS6.4AI score0.0033EPSS
Exploits0References1
NVD
NVD
added 2019/12/12 9:15 a.m.21 views

CVE-2019-2338

Crafted image that has a valid signature from a non-QC entity can be loaded which can read/write memory that belongs to the secure world in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired...

7.1CVSS7AI score0.0019EPSS
Exploits0References1
myhack58
myhack58
added 2019/09/17 12:0 a.m.209 views

In-depth exploration found in the wild iOS exploit chain VI-vulnerability warning-the black bar safety net

In this article, we will Analysis on your iOS device to get the normal permissions of the shell of the WebKit exploit method, where all the vulnerabilities are available on iOS's sandboxed renderer process WebContent implemented shellcode code execution. Although on iOS Chrome will also be affect...

6.8CVSS8.3AI score0.84564EPSS
Exploits15
OSV
OSV
added 2019/06/06 3:29 p.m.3 views

CVE-2019-5242

There is a code execution vulnerability in Huawei PCManager versions earlier than PCManager 9.0.1.50. The attacker can tricking a user to install and run a malicious application to exploit this vulnerability. Successful exploitation may cause the attacker to execute malicious code and read/write...

7.8CVSS7.5AI score0.01009EPSS
Exploits0References1
NVD
NVD
added 2019/06/06 3:29 p.m.16 views

CVE-2019-5242

There is a code execution vulnerability in Huawei PCManager versions earlier than PCManager 9.0.1.50. The attacker can tricking a user to install and run a malicious application to exploit this vulnerability. Successful exploitation may cause the attacker to execute malicious code and read/write...

9.3CVSS7.8AI score0.01009EPSS
Exploits0References1
OSV
OSV
added 2019/04/26 5:29 p.m.3 views

DEBIAN-CVE-2019-9813

Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

8.8CVSS8AI score0.07387EPSS
Exploits4References1
Tenable Nessus
Tenable Nessus
added 2019/04/01 12:0 a.m.45 views

openSUSE Security Update : ovmf (openSUSE-2019-1083)

This update for ovmf fixes the following issues : Security issues fixed : - CVE-2018-12180: Fixed a buffer overflow in BlockIo service, which could lead to memory read/write overrun bsc1127820. - CVE-2018-12178: Fixed an improper DNS check upon receiving a new DNS packet bsc1127821. -...

9.1CVSS8.2AI score0.02271EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2019/03/27 9:49 a.m.8 views

Mozilla: Ionmonkey type confusion with __proto__ mutations

Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

8.8CVSS7.4AI score0.07387EPSS
Exploits4References5
CNVD
CNVD
added 2019/03/26 12:0 a.m.1 views

Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2019-08529)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 66.0.1. An attacker can exploit the vulnerability to arbitrarily read and write memory...

8.8CVSS8.7AI score0.07387EPSS
Exploits4References1
Positive Technologies
Positive Technologies
added 2018/12/21 12:0 a.m.7 views

PT-2018-3846 · Gigabyte · Gigabyte App Center +3

Name of the Vulnerable Software and Affected Versions: GIGABYTE APP Center versions 1.05.21 and earlier AORUS GRAPHICS ENGINE versions prior to 1.57 XTREME GAMING ENGINE versions prior to 1.26 OC GURU II version 2.08 and earlier Description: The issue is related to the GPCIDrv and GDrv low-level...

7.8CVSS6.7AI score0.03671EPSS
Exploits2References15
Prion
Prion
added 2018/10/30 6:29 p.m.22 views

Design/Logic Flaw

The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate...

7.2CVSS6.8AI score0.00982EPSS
Exploits5References2Affected Software4
OSV
OSV
added 2018/10/30 6:29 p.m.4 views

CVE-2018-10710

The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate...

7.1CVSS5.9AI score0.00982EPSS
Exploits5References2
OSV
OSV
added 2018/10/17 3:29 p.m.2 views

CVE-2017-17176

The hardware security module of Mate 9 and Mate 9 Pro Huawei smart phones with the versions earlier before MHA-AL00BC00B156, versions earlier before MHA-CL00BC00B156, versions earlier before MHA-DL00BC00B156, versions earlier before MHA-TL00BC00B156, versions earlier before LON-AL00BC00B156,...

6.7CVSS6.1AI score0.00309EPSS
Exploits0References1
NVD
NVD
added 2018/10/17 3:29 p.m.28 views

CVE-2017-17176

The hardware security module of Mate 9 and Mate 9 Pro Huawei smart phones with the versions earlier before MHA-AL00BC00B156, versions earlier before MHA-CL00BC00B156, versions earlier before MHA-DL00BC00B156, versions earlier before MHA-TL00BC00B156, versions earlier before LON-AL00BC00B156,...

7.2CVSS6.7AI score0.00309EPSS
Exploits0References1
OSV
OSV
added 2018/07/13 8:29 p.m.3 views

CVE-2016-6559

Improper bounds checking of the obuf variable in the linkntoa function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. The full impact and severity depends on the method of exploit and how the library is used by applications. According to analysis by...

9.8CVSS7.3AI score0.03699EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2018/05/10 12:0 a.m.8 views

PT-2018-18413

Name of the Vulnerable Software and Affected Versions: HWiNFO AMD64 Kernel driver version 8.98 and lower Description: The issue allows an unprivileged user to send an IOCTL 0x85FE2608 to the device driver with the HWiNFO32 symbolic device name, resulting in direct physical memory read or write...

7.1CVSS7AI score0.00437EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2017/09/06 8:36 p.m.5 views

kernel: Use after free in SCSI generic device interface

It was found that the blkrqmapuseriov function in the Linux kernel's block device implementation did not properly restrict the type of iterator, which could allow a local attacker to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging write...

7.8CVSS6.9AI score0.00437EPSS
Exploits0References4
myhack58
myhack58
added 2017/05/08 12:0 a.m.73 views

MS16-145: Edge browser the TypedArray. sort UAF vulnerability analysis-vulnerability warning-the black bar safety net

In this article, we will provide the reader detailed analysis of how to use the MS Edge browser in the UAF vulnerability to remote code execution. This article will provide readers in-depth analysis of the impact of MS Edge CVE-2016-7288 UAF vulnerability root causes, and how to reliably trigger...

7.6CVSS0.70354EPSS
Exploits2
0day.today
0day.today
added 2017/03/19 12:0 a.m.55 views

Microsoft Edge Charkra Incorrect Jit Optimization Exploit

Exploit for windows platform in category dos / poc Microsoft Edge: Chakra incorrect jit optimization with TypedArray setter. CVE-2017-0071 PoC: "use strict"; function funca, b, c a0 = 1.2; b0 = c; a0 = ; ----------------------- 2 return 0; ; a0.toString; main; In the above code, Chakra assumes th...

7.6CVSS7.7AI score0.31893EPSS
Exploits2
Rows per page
Query Builder