Privilege escalation

A flaw was found in pritunl-client before version 1.0.1116.6. Arbitrary write to user specified path may lead to privilege escalation...

CVE-2016-7063

A flaw was found in pritunl-client before version 1.0.1116.6. Arbitrary write to user specified path may lead to privilege escalation...

npm: Symlink reference outside of node_modules folder through the bin field upon installation

Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of thenodemodules folder through the bin field upon installation. A properly constructed entry in the package.json bin field would allow a package...

FarSite Communications FarLinX X25 Gateway Arbitrary Write Vulnerability

FarSite Communications FarLinX X25 Gateway is a gateway product from FarSite Communications, UK. It features a browser interface, online statistics set, connection logging, active session display and status change alerts. FarSite Communications FarLinX X25 Gateway An arbitrary write vulnerability...

CVE-2017-18657

An issue was discovered on Samsung mobile devices with M6.0 and N7.x software. There is an arbitrary write in a trustlet. The Samsung ID is SVE-2017-8893 August 2017...

CVE-2017-18657

An issue was discovered on Samsung mobile devices with M6.0 and N7.x software. There is an arbitrary write in a trustlet. The Samsung ID is SVE-2017-8893 August 2017...

CVE-2017-18648

An issue was discovered on Samsung mobile devices with KK4.4.x, L5.x, M6.x, and N7.x software. Arbitrary file read/write operations can occur in the locked state via a crafted MTP command. The Samsung ID is SVE-2017-10086 November 2017...

Code injection

An issue was discovered on Samsung mobile devices with M6.0 and N7.x software. There is an arbitrary write in a trustlet. The Samsung ID is SVE-2017-8893 August 2017...

CVE-2017-18657

CVE-2017-18657 concerns Samsung mobile devices running M(6.0)/N(7.x) software. The issue is an arbitrary write in a trustlet (Samsung ID SVE-2017-8893). Connected documents (Red Hat, NVD/NVD mirror, CVE lists) corroborate the same root cause description, with no publicly detailed exploit or affec...

CVE-2017-18657

An issue was discovered on Samsung mobile devices with M6.0 and N7.x software. There is an arbitrary write in a trustlet. The Samsung ID is SVE-2017-8893 August 2017...

Samsung Mobile Device Buffer Overflow Vulnerability (CNVD-2020-40835)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. Samsung mobile devices have a security vulnerability that can be exploited by attackers to perform arbitrary read and write operations...

CVE-2019-20601

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos7570, 7580, 7870, 7880, and 8890 chipsets software. RKP memory corruption causes an arbitrary write to protected memory. The Samsung ID is SVE-2019-13921-2 May 2019...

CVE-2019-20601

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos7570, 7580, 7870, 7880, and 8890 chipsets software. RKP memory corruption causes an arbitrary write to protected memory. The Samsung ID is SVE-2019-13921-2 May 2019...

Unspecified Vulnerability in Rivet Killer Control Center (CNVD-2020-19859)

Rivet Killer Control Center is a computer performance optimization and control software. The program mainly supports application checking and setting priorities. Rivet Killer Control Center has a security vulnerability that was discovered in Rivet Killer Control Center prior to 2.1.1352.IOCTL...

CVE-2019-15665

An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120004 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an arbitrary write primitive that can lead to code execution or escalation of privileges...

CVE-2019-15665

An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120004 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an arbitrary write primitive that can lead to code execution or escalation of privileges...

CVE-2019-15665

The CVE-2019-15665 entry affects Rivet Killer Control Center

PT-2020-20230 · Trend Micro · Officescan Xg Server +1

Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One versions 2019 Trend Micro OfficeScan XG server Description: The issue concerns a vulnerable EXE file in Trend Micro Apex One and OfficeScan XG server, allowing a remote attacker to write arbitrary data to any path on...

CVE-2020-10565

grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command read or write by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhy...

kernel_exploit_series

This repository is an exploit series for learning how to exploit kernel vulnerabilities, specifically targeting the Linux kernel. The repository contains various exploit modules and tools, including: 1. 1-heapsprayUAF: This directory contains exploit code for a use-after-free UAF vulnerability in...