CVE-2022-25477

Vulnerability in Realtek RtsPer driver for PCIe Card Reader RtsPer.sys before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader RtsUer.sys before 10.0.22000.31274 leaks driver logs that contain addresses of kernel mode objects, weakening KASLR...

Randomizing the KUSER_SHARED_DATA Structure on Windows

Windows 10 made a lot of improvements in Kernel Address Space Layout Randomization KASLR that increases the cost of exploitation, particularly for remote code execution exploits. Many kernel virtual address space VAS locations including kernel stacks, pools, system PTEs etc. are randomized. A...

Randomizing the KUSER_SHARED_DATA Structure on Windows

Windows 10 made a lot of improvements in Kernel Address Space Layout Randomization KASLR that increases the cost of exploitation, particularly for remote code execution exploits. Many kernel virtual address space VAS locations including kernel stacks, pools, system PTEs etc. are randomized. A...

Randomizing the KUSER_SHARED_DATA Structure on Windows

Windows 10 made a lot of improvements in Kernel Address Space Layout Randomization KASLR that increases the cost of exploitation, particularly for remote code execution exploits. Many kernel virtual address space VAS locations including kernel stacks, pools, system PTEs etc. are randomized. A...

CVE-2018-21076

An issue was discovered on Samsung mobile devices with N7.x Exynos8890/8895 chipsets software. There is information disclosure a KASLR offset in the Secure Driver via a modified trustlet. The Samsung ID is SVE-2017-10987 April 2018...

Denial Of Service (DoS)

Kernel is vulnerable to denial of service DoS because kernel space address bits to derive IP ID may potentially break KASLR...

Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR

A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a nethashmix function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and...

KB4471324: Windows 10 Version 1803 and Windows Server Version 1803 December 2018 Security Update

The remote Windows host is missing security update 4471324. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly. An attacker who successfully exploited this vulnerability could...

KB4093115: Windows 8.1 and Windows Server 2012 R2 April 2018 Security Update

The remote Windows host is missing security update 4093115 or cumulative update 4093114. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory. CVE-2018-1009 - ...

Microsoft Windows Multiple Vulnerabilities (KB4088787)

This host is missing a critical security update according to Microsoft KB4088787 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KB4088782: Windows 10 Version 1703 March 2018 Security Update

The remote Windows host is missing security update 4088782. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry. An attacker who successfully exploited this...

Microsoft Windows Multiple Vulnerabilities (KB4056899)

This host is missing an important security update according to Microsoft KB4056899 OpenVAS Vulnerability Test $Id: gbmskb4056899.nasl 8364 2018-01-10 16:59:46Z gveerendra $ Microsoft Windows Multiple Vulnerabilities KB4056899 Authors: Shakeel Copyright: Copyright C 2018 Greenbone Networks GmbH,...

KB4056899: Windows Server 2012 January 2018 Security Update

The remote Windows host is missing security update 4056899 or cumulative update 4056896. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver ATMFD.dll when it fails to properly handle objects in memory...

KB4056890: Windows 10 Version 1607 and Windows Server 2016 January 2018 Security Update (Meltdown)(Spectre)

The remote Windows host is missing security update 4056890 or 4057142. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to...

KB4038783: Windows 10 Version 1511 September 2017 Cumulative Update

The remote Windows host is missing security update 4038783. It is, therefore, affected by multiple vulnerabilities : - A race condition that could lead to a remote code execution vulnerability exists in NetBT Session Services when NetBT fails to maintain certain sequencing requirements...

Windows Server 2012 September 2017 Security Updates

The remote Windows host is missing security update 4038786 or cumulative update 4038799. It is, therefore, affected by multiple vulnerabilities : - A race condition that could lead to a remote code execution vulnerability exists in NetBT Session Services when NetBT fails to maintain certain...

Microsoft Windows Server 2012 Multiple Vulnerabilities (KB4025331)

This host is missing a critical security update according to Microsoft KB4025331 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for the Windows Kernel information disclosure vulnerability in Windows Server 2008: August 8, 2017

Security update for the Windows Kernel information disclosure vulnerability in Windows Server 2008: August 8, 2017 Summary An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, allowing an attacker to retrieve information that could...

Kernel Address Space Layout Randomization Recovery Software

Kernel Address Space Layout Randomization Recovery Software KASLRfinder is a small utility that can be used to find where in memory the Windows 10 kernel and its drivers are loaded – despite the addresses being randomized by Kernel Address Space Layout Randomization KASLR. The utility can be run ...

OSX < 10.11.5 Multiple Vulnerabilities

Binary data 800143.prm...