674 matches found
CVE-2016-6740
An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Androi...
CVE-2016-6741
An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Androi...
CVE-2016-6745
An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process...
CVE-2016-6752
CVE-2016-6752: An information-disclosure vulnerability in Qualcomm components (GPU driver, power driver, SMSM Point-to-Point driver, and sound driver) in Android prior to 2016-11-05 can allow a local malicious app to access data outside its permissions after compromising a privileged process. Aff...
CVE-2016-6748
CVE-2016-6748 describes an information-disclosure vulnerability in Qualcomm components used in Android (GPU driver, power driver, SMSM Point-to-Point driver, and sound driver). The flaw could allow a local malicious app to access data outside its permissions, with impact described as information ...
CVE-2016-3851
The LG Electronics bootloader Android before 2016-08-05 on Nexus 5X devices allows attackers to gain privileges by leveraging access to a privileged process, aka internal bug 29189941...
CVE-2016-3851
The LG Electronics bootloader Android before 2016-08-05 on Nexus 5X devices allows attackers to gain privileges by leveraging access to a privileged process, aka internal bug 29189941...
kernel: net: insufficient permision checks of netlink messages
It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. A local, unprivileged user could potentially bypass these restrictions by passing a netlink socket as stdout or stderr to a more privileged process and altering the outpu...
Linux Kernel 2.2.x/2.4.x Privileged Process Hijacking Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/7112/info A vulnerability has been discovered in the Linux kernel which can be exploited using the ptrace system call. By attaching to an incorrectly configured root process, during a specific time window, it may be...
Linux Kernel 2.2.x/2.4.x Privileged Process Hijacking Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/7112/info A vulnerability has been discovered in the Linux kernel which can be exploited using the ptrace system call. By attaching to an incorrectly configured root process, during a specific time window, it may be...
DEBIAN-CVE-2013-1064
apt-xapian-index before 0.45ubuntu2.1, 0.44ubuntu7.1, and 0.44ubuntu5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2...
Linux Kernel 2.6.32 (Ubuntu 10.04) - proc Handling SUID Privilege Escalation
Linux Kernel 2.6.32 Ubuntu 10.04 - proc Handling SUID Privilege Escalation Source: http://www.halfdog.net/Security/2011/SuidBinariesAndProcInterface/ proc Handling of Already Opened Files: Subvert The Stack Base Address Randomization With Suid-Binaries Problem description: Latest ubuntu lucid sto...
NetBSD Security Advisory 2006-001: Kernfs kernel memory disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NetBSD Security Advisory 2006-001 ================================= Topic: Kernfs kernel memory disclosure Version: NetBSD-current: source prior to November 23, 2005 NetBSD 3.0: not affected NetBSD 2.1: affected NetBSD 2.0.3: affected NetBSD 2.0:...
DEBIAN-CVE-2004-2069
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to...