788 matches found
UBUNTU-CVE-2020-8131
Arbitrary filesystem write vulnerability in Yarn before 1.22.0 allows attackers to write to any path on the filesystem and potentially lead to arbitrary code execution by forcing the user to install a malicious package...
CVE-2020-0009
In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for...
CVE-2020-0009
In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for...
CVE-2020-0009
In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for...
UBUNTU-CVE-2020-0009
In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for...
CVE-2020-0009
In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for...
CVE-2020-0009
In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for...
PT-2020-11378 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to a permissions bypass in the calc vm may flags function of ashmem.c, which could allow for an arbitrary write to shared memory. This could lead to a...
Sony Playstation 4 (PS4) 6.72 - WebKit Code Execution (PoC)
Sony Playstation 4 PS4 6.72 - WebKit Code Execution PoC / badhoist ============ Exploit implementation of CVE-2018-4386. Obtains addrof/fakeobj and arbitrary read/write primitives. Supports PS4 consoles on 6.XX. May also work on older firmware versions, but I am not sure. Bug was fixed in firmwar...
kernel: Out-of-bounds heap access in xfrm
Out-of-bounds kernel heap access vulnerability was found in xfrm, kernel's IP framework for transforming packets. An error dealing with netlink messages from an unprivileged user leads to arbitrary read/write and privilege escalation...
CVE-2019-19647
radare2 through 4.0.0 lacks validation of the content variable in the function rasmpseudoincbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted input...
CVE-2019-19647
radare2 through 4.0.0 lacks validation of the content variable in the function rasmpseudoincbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted input...
CVE-2019-19647
radare2 through 4.0.0 lacks validation of the content variable in the function rasmpseudoincbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted input...
Input validation
radare2 through 4.0.0 lacks validation of the content variable in the function rasmpseudoincbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted input...
CVE-2019-19647
radare2 through 4.0.0 lacks validation of the content variable in the function rasmpseudoincbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted input...
CVE-2019-19647
radare2 through 4.0.0 lacks validation of the content variable in the function rasmpseudoincbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted input...
grub2-bhyve -- multiple privilege escalations
Reno Robert reports: FreeBSD uses a two-process model for running a VM. For booting non-FreeBSD guests, a modified grub-emu is used grub-bhyve. Grub-bhyve executes command from guest grub.cfg file. This is a security problem because grub was never written to handle inputs from OS as untrusted. In...
CVE-2018-6240
CVE-2018-6240 affects NVIDIA Tegra BootRom. A local attacker with kernel privileges can write an arbitrary value to an arbitrary physical address, enabling escalation of privileges. Connected NVIDIA advisories confirm this vulnerability and map fixes to specific Jetson/Linux-for-Tegra releases: T...
jenkins: Arbitrary file write vulnerability using file parameter definitions (SECURITY-1424)
A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java allowed attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an arbitrary fil...
CVE-2018-15738
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000205F...