CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

674 matches found

BDU FSTEC•added 2020/02/11 12:0 a.m.•1 views

The vulnerability of the binder Transaction function (binder.c) in the Android operating system’s kernel allows a hacker to execute arbitrary code.

The vulnerability of the binder Transaction function in the Android operating system’s kernel is related to the execution of a transaction outside of the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code within the context of a privileged process...

7.8CVSS8.2AI score0.00333EPSS

Exploits0References4Affected Software1

Mageia•added 2020/02/09 7:13 p.m.•41 views

Updated sudo packages fix security vulnerability

The updated packages fix a security vulnerability: In Sudo before 1.8.31, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for...

7.8CVSS3.1AI score0.19426EPSS

Exploits13References4

OSV•added 2020/02/08 5:15 a.m.•3 views

CVE-2019-11483

Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user...

3.3CVSS5.8AI score

Exploits0References3

NVD•added 2020/02/08 5:15 a.m.•15 views

CVE-2019-11483

7CVSS6.6AI score0.0037EPSS

Exploits0References3

Prion•added 2020/02/08 5:15 a.m.•25 views

Code injection

2.1CVSS5.1AI score0.0037EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/02/08 4:50 a.m.•26 views

CVE-2019-11483

7CVSS6.8AI score0.0037EPSS

Exploits0References2

ThreatPost•added 2020/02/04 6:51 p.m.•56 views

Two Critical Android Bugs Get Patched in February Update

Google has released a security update for a critical flaw in its Android operating system that allows hackers to execute remote code on affected handsets, potentially allowing an adversary to gain remote access to the device. Part of Google’s February Android Security Bulletin, released Monday,...

9.3CVSS1.3AI score0.05424EPSS

Exploits8References3

UbuntuCve•added 2020/01/31 12:0 a.m.•33 views

CVE-2019-18634

In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist on...

7.8CVSS7.4AI score0.19426EPSS

Exploits13References5

OSV•added 2020/01/31 12:0 a.m.•1 views

UBUNTU-CVE-2019-18634

7.8CVSS7.3AI score0.19426EPSS

Exploits13References6

OpenVAS•added 2019/11/06 12:0 a.m.•26 views

Ubuntu: Security Advisory (USN-4171-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS5.9AI score0.00484EPSS

Exploits2References3

Ubuntu•added 2019/11/04 12:30 p.m.•100 views

USN-4171-2: Apport vulnerabilities

USN-4171-1 fixed several vulnerabilities in apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly...

7.8CVSS5.7AI score0.00484EPSS

Exploits2

Symantec•added 2019/11/04 12:0 a.m.•12 views

Google Android Media Framework Multiple Local Privilege Escalation Vulnerabilities

Description Google Android is prone to multiple local privilege-escalation vulnerabilities. A local attacker can exploit these issues to execute arbitrary code with elevated privileges within the context of the privileged process. These issues are being tracked by Android Bug IDs A-137283376,...

3.1AI score

Exploits0References1Affected Software1

Ubuntu•added 2019/10/30 5:45 a.m.•112 views

USN-4171-1: Apport vulnerabilities

Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. CVE-2019-11481 Sander Bos discovered a race-condition in Apport during core dump creation. This...

7.8CVSS5.6AI score0.00484EPSS

Exploits2

OSV•added 2019/10/30 5:45 a.m.•2 views

USN-4171-1 apport vulnerabilities

7.8CVSS6.2AI score0.00484EPSS

Exploits2References6

OSV•added 2019/10/29 12:0 a.m.•0 views

UBUNTU-CVE-2019-11483

7CVSS5.8AI score0.0037EPSS

Exploits0References4

UbuntuCve•added 2019/10/29 12:0 a.m.•22 views

CVE-2019-11483

7CVSS5.9AI score0.0037EPSS

Exploits0References3

OSV•added 2019/10/29 12:0 a.m.•2 views

UBUNTU-CVE-2019-15790

Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through getpidinfo in data/apport. An unprivileged user could exploit this to read information about a privileged...

3.3CVSS5.8AI score0.00484EPSS

Exploits2References4

OSV•added 2019/09/05 10:15 p.m.•4 views

CVE-2019-2123

In execTransact of Binder.java in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible local execution of arbitrary code in a privileged process due to a memory overwrite. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no...

7.8CVSS7.3AI score

Exploits0References1

Prion•added 2019/09/05 10:15 p.m.•13 views

Code injection

4.6CVSS7.8AI score0.00163EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/09/05 9:31 p.m.•20 views

CVE-2019-2123

7.8AI score0.00163EPSS

Exploits0References1

Rows per page