CVE-2018-21042

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 software. Dual Messenger allows installation of an arbitrary APK with resultant privileged code execution. The Samsung ID is SVE-2018-13299 December 2018...

CVE-2018-21042

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 software. Dual Messenger allows installation of an arbitrary APK with resultant privileged code execution. The Samsung ID is SVE-2018-13299 December 2018...

CVE-2018-21042

CVE-2018-21042 concerns Samsung mobile devices running N(7.x), O(8.x), and P(9.0). The issue is that Dual Messenger can install an arbitrary APK, leading to privileged code execution. Affected component/feature: Dual Messenger on Samsung devices. Root cause: exploitation arises from ability to in...

infinispan: invokeAccessibly method from ReflectionUtil class allows to invoke private methods

A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the...

The vulnerability of the Intel Smart Sound Technology driver, related to a overflow in the unloaded pool in the operating memory, allows a hacker to execute arbitrary code.

The vulnerability of the Intel Smart Sound Technology driver is related to a overflow in the unloaded pool in the operating memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code with elevated privileges...

CVE-2018-12199

Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access...

Microsoft HID Driver Numeric Truncation Information Disclosure Vulnerability

This vulnerability allows attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists in the hidparse.sy...

Apple macOS High Sierra Kernel Out-of-Bounds Read Vulnerability (CNVD-2019-01542)

Apple macOS High Sierra is a specialized operating system developed by Apple for Mac computers.Kernel is one of the kernel components. An out-of-bounds read vulnerability exists in the Kernel component of Apple macOS High Sierra version 10.13.2. An attacker could exploit this vulnerability to...

The vulnerability of the getvolattrlist function in the kernel of operating systems such as Mac OS X, iOS, tvOS, and watchOS allows a malicious actor to execute arbitrary code in a privileged context.

The vulnerability of the getvolattrlist function in the kernel of operating systems such as Mac OS X, iOS, tvOS, and watchOS arises from an overflow in the “bucket” buffer. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in a privileged context using a specially...

CVE-2018-4230

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that triggers a SetAppSupportBits use-after-free because of a ra...

CVE-2018-4193

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Windows Server" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

Multiple Apple Products Quick Look Competitive Conditions Vulnerability

Apple iOS, macOS High Sierra, tvOS, and watchOS are products of Apple Inc. Apple iOS is an operating system for mobile devices; macOS High Sierra is a specialized operating system for Mac computers; tvOS is a smart TV operating system; and watchOS is a smart watch operating system. tvOS is a smar...

CVE-2018-4158

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. watchOS before 4.3 is affected. The issue involves the "CoreFoundation" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted ap...

CVE-2018-4156

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "PluginKit" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app...

CVE-2018-4143

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause...

CVE-2018-4136

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service out-of-bounds read via a crafted app...

CVE-2018-4132

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

CVE-2018-4098

An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "IOHIDFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

CVE-2018-9143

On Samsung mobile devices with M6.0 and N7.x software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991...

CVE-2017-7155

An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...