PentestBox 2.0 - Portable Penetration Testing Distribution for Windows Environments

PentestBox provides all security tools as a software package, eliminating requirement of Virtual machines or dualboot environments on Windows Operating System. It is created because more than 50% of penetration testing distribution users uses windows. Source So it provides an efficient platform f...

Apple Mac OSX Kernel - Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver

Apple Mac OSX Kernel - Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=708 The external methods IGAccelGLContext::unmapusermemory and IGAccelCLContext::unmapusermemory take an 8 byte struct input whi...

Apple Mac OSX - Kernel Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver

Exploit for macOS platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=708 The external methods IGAccelGLContext::unmapusermemory and IGAccelCLContext::unmapusermemory take an 8 byte struct input which is a user-space pointer previously passed to the...

Apple Mac OSX - Kernel Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in

Exploit for macOS platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=709 nvDevice::ReleaseDeviceTexture is external method 0x10a of userclient 5 of the geforce IOAccelerator. It takes a single uint argument text:000000000001BCD2 mov r14d, esi...

Apple Mac OSX Kernel - Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=708 The external methods IGAccelGLContext::unmapusermemory and IGAccelCLContext::unmapusermemory take an 8 byte struct input which is a user-space pointer previously passed to the equivilent mapusermemory method. The Context...

Apple Mac OSX Kernel - Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=709 nvDevice::ReleaseDeviceTexture is external method 0x10a of userclient 5 of the geforce IOAccelerator. It takes a single uint argument text:000000000001BCD2 mov r14d, esi ... text:000000000001BD08 and r14d, 7FFFFFFFh -- clear...

Qualcomm Adreno GPU MSM Driver - perfcounter Query Heap Overflow

Exploit for Android platform in category dos / poc / Source: https://code.google.com/p/google-security-research/issues/detail?id=734 The Adreno GPU driver for the MSM Linux kernel contains a heap overflow in the IOCTLKGSLPERFCOUNTERQUERY ioctl command. The bug results from an incorrect conversion...

Qualcomm Adreno GPU MSM Driver - perfcounter Query Heap Overflow

Qualcomm Adreno GPU MSM Driver - perfcounter Query Heap Overflow / Source: https://code.google.com/p/google-security-research/issues/detail?id=734 The Adreno GPU driver for the MSM Linux kernel contains a heap overflow in the IOCTLKGSLPERFCOUNTERQUERY ioctl command. The bug results from an...

Qualcomm Adreno GPU MSM Driver - perfcounter Query Heap Overflow

/ Source: https://code.google.com/p/google-security-research/issues/detail?id=734 The Adreno GPU driver for the MSM Linux kernel contains a heap overflow in the IOCTLKGSLPERFCOUNTERQUERY ioctl command. The bug results from an incorrect conversion to a signed type when calculating the minimum coun...

The vulnerability of the iOS operating system allows a hacker to execute arbitrary code in a privileged context.

The vulnerability of the Mobile Replayer component in the GPUTools Framework for the iOS operating system is related to errors in the code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in a privileged context using an application that specifies a specially...

NVIDIA GPU was traced to vulnerabilities, you can view the porn browsing history-bug warning-the black bar safety net

! Chrome's incognito mode in some specific cases not necessarily be able to protect individual privacy, recently a gamer the exposure of the Nvidia GPU of the previous vulnerability, the use of the vulnerability can view Chrome incognito mode to browse porn sites picture. Evan Andersen once loade...

Vulnerability of NVIDIA GPU graphics processor software, which allows attackers to enhance their privileges or cause service failures

The vulnerability of NVIDIA GPU graphics processor software is related to access control deficiencies. Exploiting this vulnerability can allow a remote attacker to enhance their privileges or cause service interruptions...

The vulnerability of NVIDIA GPU graphics processor software allows a hacker to gain access to protected information, enhance their privileges, or cause service interruptions.

The vulnerability of NVIDIA GPU graphics processor software is related to a numerical overflow issue. Exploiting this vulnerability can allow an attacker who operates locally to gain access to protected information, enhance their privileges, or cause service interruptions...

oclHashcat v2.01 - Worlds Fastest Password Cracker

oclHashcat is the world's fastest and most advanced GPGPU-based password recovery utility, supporting five unique modes of attack for over 170 highly-optimized hashing algorithms. oclHashcat currently supports AMD OpenCL and Nvidia CUDA graphics processors on GNU/Linux and Windows 7/8/10, and has...

多款NVIDIA GPU显卡驱动非引用Windows搜索路径漏洞

安装了nvidia的显卡驱动包后，在控制面板会有nvidia的图标，点击该图标会运行 nvSmartMaxApp.exe，并显示显卡配置界面。该主程序在加载其它子程序时，调用createprocessa API时，第一个参数没有使用双引号来闭合包含有空格的子进程路径。造成攻击者可以在C盘根目录下 存放c:\program.exe的恶意程序，并会被nvSmartMaxApp.exe加载。 但是在WIN7中默认C盘根目录是不能写的。同时该漏洞需要用户交互。...

多款NVIDIA GPU显卡驱动整数溢出漏洞

No description provided by source...

Multiple NVIDIA GPU Graphics Card Driver Non-Referenced Windows Search Path Vulnerability

NVIDIA GPU graphics driver R340, R352 and R358 on Windows are graphics processor GPU drivers for the R340, R352 and R358 series from NVIDIA. A non-referenced Windows search path vulnerability exists in the Smart Maximize Helper nvSmartMaxApp.exe in the Control Panel of several NVIDIA GPU graphics...

CVE-2015-8328

Unspecified vulnerability in the NVAPI support layer in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to obtain sensitive information, cause a denial of service crash, or possibly gain privileges via unknown vectors...

CVE-2015-7869

Multiple integer overflows in the kernel mode driver for the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows and R304 before 304.131, R340 before 340.96, R352 before 352.63, and R358 before 358.16 on Linux allow local users to obtain sensitive...

CVE-2015-7869

Multiple integer overflows in the kernel mode driver for the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows and R304 before 304.131, R340 before 340.96, R352 before 352.63, and R358 before 358.16 on Linux allow local users to obtain sensitive...