Lucene search
+L

123 matches found

Cvelist
Cvelist
added 2024/02/13 7:32 p.m.42 views

CVE-2023-20579

Improper Access Control in the AMD SPI protection feature may allow a user with Ring0 kernel mode privileged access to bypass protections potentially resulting in loss of integrity and availability...

6.7AI score0.00164EPSS
Exploits0References1
NVD
NVD
added 2023/11/14 7:15 p.m.49 views

CVE-2023-20596

Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution...

9.8CVSS0.00964EPSS
Exploits0References1
Prion
Prion
added 2023/11/14 7:15 p.m.30 views

Input validation

Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution...

7.5CVSS8AI score0.00964EPSS
Exploits0References1Affected Software64
Cvelist
Cvelist
added 2023/11/14 6:55 p.m.49 views

CVE-2023-20596

Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code execution...

9.9AI score0.00964EPSS
Exploits0References1
CVE
CVE
added 2023/11/14 6:55 p.m.74 views

CVE-2023-20596

CVE-2023-20596 involves improper input validation in the AMD SMM Supervisor. A compromised SMI handler could gain Ring0 and potentially execute arbitrary code. Documents show affected AMD platforms across Desktop, Mobile, and Embedded lines, with mitigations delivered via OEM firmware updates (e....

9.8CVSS9.6AI score0.00964EPSS
Exploits0References1Affected Software1
CISA KEV Catalog
CISA KEV Catalog
added 2023/03/30 12:0 a.m.43 views

Linux Kernel Use-After-Free Vulnerability

Linux kernel contains a use-after-free vulnerability that allows for privilege escalation to gain ring0 access from the system user...

7.9CVSS8AI score0.03702EPSS
In wildExploits0
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.33 views

SUSE SLES15 Security Update : kernel (Live Patch 1 for SLE 15 SP4) (SUSE-SU-2023:1639-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1639-1 advisory. - A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRVCTLIOCTLELEMREAD|WRITE32 is missing locks that can be...

7.9CVSS6.8AI score0.03702EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.43 views

SUSE SLES12 Security Update : kernel (Live Patch 39 for SLE 12 SP5) (SUSE-SU-2023:1640-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1640-1 advisory. This update for the Linux Kernel 4.12.14-122147 fixes several issues. The following security issues were fixed: - CVE-2023-26545: Fixed double...

7.9CVSS7.2AI score0.03702EPSS
Exploits0References7
Veracode
Veracode
added 2023/03/06 8:47 p.m.38 views

Privilege Escalation

Linux kernel is vulnerable to Privilege Escalation. The vulnerability exists in the ALSA PCM package because of the missing locks in the SNDRVCTLIOCTLELEMREAD|WRITE32, which leads to use-after-free, resulting in gaining access to ring0 from the system user...

7.9CVSS7.6AI score0.03702EPSS
Exploits0References5Affected Software4
OSV
OSV
added 2023/01/30 2:15 p.m.13 views

AZL-13229 CVE-2023-0266 affecting package kernel for versions less than 5.15.92.1-1

A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRVCTLIOCTLELEMREAD|WRITE32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past...

7.8CVSS6.9AI score0.03702EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/01/30 1:9 p.m.34 views

CVE-2023-0266 Use after free in SNDRV_CTL_IOCTL_ELEM in Linux Kernel

A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRVCTLIOCTLELEMREAD|WRITE32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past...

7.9CVSS8.3AI score0.03702EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/01/30 12:0 a.m.34 views

CVE-2023-0266

A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRVCTLIOCTL ELEMREAD|WRITE32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit...

7.9CVSS8.5AI score0.03702EPSS
In wildExploits0References5
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.78 views

GIGABYTE XTREME GAMING ENGINE < 1.26 Multiple Vulnerabilities

The version of GIGABYTE XTREME GAMING ENGINE installed on the remote host is prior to 1.26. It is, therefore, affected by multiple vulnerabilities as referenced in GIGABYTE security advisory 1801: - The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE befor...

9.8CVSS7.8AI score0.08523EPSS
Exploits9References7
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.90 views

GIGABYTE APP Center < 19.4.22.1 Multiple Vulnerabilities

The version of GIGABYTE APP Center installed on the remote host is prior to 19.4.22.1. It is, therefore, affected by multiple vulnerabilities as referenced in GIGABYTE security advisory 1801: - The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.5...

9.8CVSS7.8AI score0.08523EPSS
Exploits9References7
VulnCheck KEV
VulnCheck KEV
added 2020/02/10 12:0 a.m.2 views

VulnCheck KEV: CVE-2018-19320

The GDrv low-level driver in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system...

7.8CVSS7.1AI score0.03597EPSS
Exploits4References1
Prion
Prion
added 2018/12/21 11:29 p.m.30 views

Information disclosure

The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system...

7.2CVSS7.5AI score0.03597EPSS
Exploits4References5Affected Software4
NVD
NVD
added 2018/12/21 11:29 p.m.20 views

CVE-2018-19320

The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system...

7.8CVSS7.6AI score0.03597EPSS
Exploits4References6
0day.today
0day.today
added 2017/08/08 12:0 a.m.56 views

Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS17-017) Exploit

Exploit for windows platform in category local exploits E-DB Note: + Source: https://github.com/sensepost/gdi-palettes-exp + Binary: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42432.exe include include include include //From...

0.1AI score
Exploits0
myhack58
myhack58
added 2017/03/01 12:0 a.m.482 views

HEVD kernel vulnerability training-with Windows play-bug warning-the black bar safety net

For this training of the research study will kernel vulnerability principle, the use of the way, under Windows many common data structures have a preliminary understanding, from the open Ring0 gate. HEVD project address: https://github.com/hacksysteam/HackSysExtremeVulnerableDriver For the kernel...

7.2CVSS7.7AI score0.87042EPSS
Exploits23
myhack58
myhack58
added 2016/11/15 12:0 a.m.37 views

Classic kernel vulnerabilities debugging notes bis-vulnerability warning-the black bar safety net

Foreword The last time I sent an article yourself in a classic kernel Vulnerability CVE-2 0 1 4-4 1 1 3 struggling experience, and some debugging details of the share summary after feel the harvest a lot, and later an accidental opportunity, I saw the Baidu security Labs issued an article that is...

7.3AI score0.10929EPSS
Exploits1
Rows per page
Query Builder