14 matches found
Exploit for CVE-2016-2610
This is a PoC exploit for CVE-2016-2610, a vulnerability in the PlayStation 4's kernel. The exploit targets the 4.55 firmware version and allows for arbitrary code execution as kernel. The exploit includes a loader that listens for payloads on port 9020 and executes them upon reception. The loade...
Exploit for Improper Input Validation in Google Android
Exploit for CVE-2022-20186 The write up can be found here...
CVE-2023-25527
NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an authenticated local attacker may cause corruption of kernel memory. A successful exploit of this vulnerability may lead to arbitrary kernel code execution, denial of service, escalation of privileges, information...
Exploit for Use After Free in Arm Avalon_Gpu_Kernel_Driver
Exploit for CVE-2022-46395 to run on FireTV 3rd gen Cube Thi...
CVE-2022-42845
The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app with root privileges may be able to execute arbitrary code with kernel privileges...
CVE-2022-22640
A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. An application may be able to execute arbitrary code with kernel privileges...
UBUNTU-CVE-2017-0572
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...
Apple Mac OSX - IOBluetoothHCIUserClient Arbitrary Kernel Code Execution
Apple Mac OSX - IOBluetoothHCIUserClient Arbitrary Kernel Code Execution / Source: https://code.google.com/p/google-security-research/issues/detail?id=569 IOBluetoothHCIUserClient uses an IOCommandGate to dispatch external methods; it passes a pointer to the structInput of the external method as...
Apple Mac OSX - 'IOBluetoothHCIUserClient' Arbitrary Kernel Code Execution
/ Source: https://code.google.com/p/google-security-research/issues/detail?id=569 IOBluetoothHCIUserClient uses an IOCommandGate to dispatch external methods; it passes a pointer to the structInput of the external method as arg0 and ::SimpleDispatchWL as the Action. It neither passes nor checks t...
Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047)
No description provided by source. Microsoft Windows KTM Invalid Free with reused transaction GUID ---------------------------------------------------------------------------- CVE-2010-1889 The Kernel Transaction Manager ktm was introduced in Windows Vista and has been included in subsequent...
Microsoft Windows win32k!GreStretchBltInternal() Does Not Handle src == dest
No description provided by source. Microsoft Windows win32k!GreStretchBltInternal does not handle src == dest ---------------------------------------------------------------------------- A bitblt bit block transfer is used to copy one rectangular region of screen to another, often performing a...
Micro-point active Defense software privilege escalation-vulnerability warning-the black bar safety net
Brief description: Micro-point active Defense software could allow elevation of Privilege, leading to execute arbitrary kernel code Detailed description: Micro-point active Defense software mp110012. sys file fails to properly check user of the incoming parameters, can lead to execute arbitrary...
Linux Kernel CAP_SYS_ADMIN to root Exploit
No description provided by source. / Linux Kernel CAPSYSADMIN to root exploit by Dan Rosenberg @djrbliss on twitter Usage: gcc -w caps-to-root.c -o caps-to-root sudo setcap capsysadmin+ep caps-to-root ./caps-to-root This exploit is NOT stable: It only works on 32-bit x86 machines It only works on...
Linux Kernel 2.6.34 (Ubuntu 10.10 x86) - CAP_SYS_ADMIN Local Privilege Escalation (1)
Linux Kernel 2.6.34 Ubuntu 10.10 x86 - CAPSYSADMIN Local Privilege Escalation 1 / Linux Kernel CAPSYSADMIN to root exploit by Dan Rosenberg @djrbliss on twitter Usage: gcc -w caps-to-root.c -o caps-to-root sudo setcap capsysadmin+ep caps-to-root ./caps-to-root This exploit is NOT stable: It only...