147 matches found
xorg-server buffer error vulnerability
xorg-x11-server is an X Window System display server from the X.org Foundation. A security vulnerability exists in xorg-server versions prior to 21.1.10, xwayland versions prior to 23.2.3, which stems from a memory read/write overrun that may be caused by querying or changing an XKB button...
PT-2023-6642
Name of the Vulnerable Software and Affected Versions xorg-x11-server affected versions not specified Description A use-after-free flaw was found in the xorg-x11-server, which can cause an X server crash in a very specific and legacy configuration, known as Zaphod mode, where a multi-screen setup...
ASB-A-274058082
In androidviewInputDevicecreate of androidviewInputDevice.cpp, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-41949 Semi-blind Server-Side Request Forgery in dhis2-core
DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. In affected versions an authenticated DHIS2 user can craft a request to DHIS2 to instruct the server to make requests to external resources like third party servers. This could allow...
CVE-2022-43945
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call RPC into a single array of pages. A client can force the send...
xorg-x11-server: SProcScreenSaverSuspend out-of-bounds access
A flaw was found in xorg-x11-server where an out-of-bounds access can occur in the SProcScreenSaverSuspend function...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability in the vold incremental-fs APIs of Google Android could cause systemserver to trigger a mount on a directory that should not be under the control of systemserver...
The vulnerability of the DNS Server component of the Windows operating system, related to improper code generation, allows a hacker to trigger a service failure.
The vulnerability of the DNS Server component of the Windows operating system is related to improper code generation. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
Exploit for Improper Input Validation in Microsoft
This is a PoC Proof of Concept exploit for CVE-2020-1350, also known as SigRed. The exploit is designed to target DNS servers and allows for remote code execution. The exploit is written in Python and consists of several files: configure.py: This script is used to set up the payload and Apache HT...
CVE-2020-0136
In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Integer overflow
In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2020-0136
In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2020-0082
In ExternalVibration of ExternalVibration.java, there is a possible activation of an arbitrary intent due to unsafe deserialization. This could lead to local escalation of privilege to systemserver with no additional execution privileges needed. User interaction is not needed for...
Privilege Escalation
kernel is vulnerable to privilege escalation. The vulnerability exists when an application has a stack overflow, the stack could silently overwrite another memory mapped area instead of a segmentation fault occurring, which could cause an application to execute arbitrary code, possibly leading to...
CVE-2017-18663
An issue was discovered on Samsung mobile devices with N7.x software. Because of missing Intent exception handling, systemserver can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 July 2017...
CVE-2016-11031
An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, and M6.0 software. AntService allows a systemserver crash and reboot. The Samsung ID is SVE-2016-7044 November 2016...
Code injection
The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary local files via the imageid parameter...
Code injection
AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary files via the report parameter of the BIRT viewer servlet...
CVE-2019-9386
In NFC server, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:...
CVE-2019-1988
In sample6 of SkSwizzler.cpp, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution in systemserver with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0...