CVE-2017-13829

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

CVE-2017-13800

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

CVE-2017-13799

An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause...

CVE-2017-7077

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

VMware Workstation Shader Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the guest system in order to exploit this vulnerability. The specific flaw exists within the Shader...

The vulnerability of the ACL component of the NoviWare operating system allows a attacker to gain access to the network interface of the novi_process_manager_daemon service and execute arbitrary code in privileged mode on the switch.

The vulnerability of NoviWare’s operating system component stems from the improper handling of unserialized network packets, which leads to buffer overflows on the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during the application of ACL modifications,...

Command injection

The novish command-line interface, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, is prone to a buffer overflow in the "show log cli" command. This could be used by a read-only user monitor role to gain privileged root code execution on the...

NoviFlow NoviWare <= NW400.2.6 - Multiple Vulnerabilities

Exploit for hardware platform in category dos / poc NoviFlow NoviWare = NW400.2.6 multiple vulnerabilities Introduction ========== NoviWare is a high-performance OpenFlow 1.3, 1.4 and 1.5 compliant switch software developed by NoviFlow and available for license to network equipment manufacturers...

The vulnerability of the NVIDIA Graphics Drivers component for the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of the NVIDIA Graphics Drivers component for the Mac OS X operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in privileged context, or trigger a service...

Race condition

A vulnerability has been identified in some Lenovo products that use UEFI BIOS code developed by American Megatrends, Inc. AMI. With this vulnerability, conditions exist where an attacker with administrative privileges or physical access to a system may be able to run specially crafted code that...

Microsoft Edge XAML File Improper Access Control Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Microsoft Edge. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of XA...

Microsoft Windows Error Reporting Manager Improper Access Control Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute medium-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows...

Microsoft Windows CLFS Driver Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Common Log...

Trend Micro InterScan Messaging Security Proxy Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro InterScan Messaging Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

The vulnerability of the Intel Graphics Driver component in the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of the Intel Graphics Driver for the Mac OS X operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in privileged context or cause a service failure memory...

The vulnerability of the Kernel component in iOS and Mac OS X operating systems allows a hacker to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of the Kernel component in iOS and Mac OS X operating systems arises from the execution of an operation outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in a privileged context, or to cause a service failure memory...

The vulnerability of the Intel Graphics Driver component in the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of the Intel Graphics Driver for the Mac OS X operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in privileged context or cause a service failure memory...

The vulnerability of the AppleGraphicsPowerManagement component in the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of the AppleGraphicsPowerManagement component in the Mac OS X operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in privileged context, or cause a service...

CVE-2017-7054

An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

CVE-2017-7032

An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...