Unspecified Vulnerability in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility

AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility is a hardware diagnostics and overclocking utility from AMD. A security vulnerability in the atillk64.sys file in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility version 5.11.9.0, which originates from not properl...

CVE-2020-10067

CVE-2020-10067 affects Zephyr Project RTOS. A malicious userspace application can trigger an integer overflow that bypasses security checks in system call handlers, with impacts ranging from denial of service to information leak and memory corruption potentially enabling kernel code execution. Af...

Null pointer dereference

In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r357489, and 11.3-RELEASE before 11.3-RELEASE-p7, incorrect use of a user-controlled pointer in the epair virtual network module allowed vnet jailed privileged users to panic the host system and...

CVE-2020-7452

Removed by vendor...

CVE-2020-8875

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2020-3831

A race condition was addressed with improved locking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges...

Microsoft Win32k Component Elevation of Privilege Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A privilege extraction vulnerability exists in Microsoft Windows 10 version 1903, Windows ...

Multiple vendor based Broadcom cable modems buffer overflow vulnerability

Sagemcom F@st 5260, Sagemcom F@st 3890 etc. is a router.Technicolor TC7230 STEB is a wireless router. A buffer overflow vulnerability exists in Broadcom cable modems based on multiple vendors. A remote attacker could execute arbitrary code in the kernel via JavaScript running in the victim's...

CVE-2019-18568

Avira Free Antivirus 15.0.1907.1514 is prone to a local privilege escalation through the execution of kernel code from a restricted user...

Apple iOS IOKit Memory Corruption Vulnerability

Apple iOS is an operating system developed by Apple for mobile devices, and IOKit is one of the components that reads system information. A security vulnerability exists in the IOKit component in Apple iOS versions prior to 12.1.4. An attacker can exploit the vulnerability and may be able to...

Apple Opens Its Invite-Only Bug Bounty Program to All Researchers

As promised by Apple in August this year, the company today finally opened its bug bounty program to all security researchers, offering monetary rewards to anyone for reporting vulnerabilities in the iOS, macOS, watchOS, tvOS, iPadOS, and iCloud to the company. Since its launch three years ago,...

CVE-2019-8590

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with kernel privileges...

CVE-2018-4031

An exploitable vulnerability exists in the safe browsing function of the CUJO Smart Firewall, version 7003. The flaw lies in the way the safe browsing function parses HTTP requests. The server hostname is extracted from captured HTTP/HTTPS requests and inserted as part of a Lua statement without...

The vulnerability of the Win32k component of the Windows operating system allows a hacker to increase their privileges and execute arbitrary code in kernel mode.

The vulnerability of the Win32k component of the Windows operating system is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code in kernel mode using a specially created application...

The vulnerability of the Windows operating system’s kernel allows a hacker to elevate their privileges and execute arbitrary code in kernel mode.

The vulnerability of the Windows operating system’s kernel is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code in kernel mode using a specially created application...

The vulnerability of the win32k component of the Windows operating system, which allows a hacker to elevate their privileges and execute arbitrary code in kernel mode.

The vulnerability of the win32k component of the Windows operating system is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code in kernel mode using a specially created application...

The vulnerability of the af_alg_release function in the Linux operating system allows a hacker to execute arbitrary code in kernel mode.

The vulnerability of the afalgrelease function crypto/afalg.c in the Linux kernel is related to the ignoring of setting the NULL value in certain fields of the sockfssetattr structure. Exploiting this vulnerability allows an attacker to execute arbitrary code in kernel mode...

The vulnerability of the Win32k component of the Windows operating system allows a hacker to increase their privileges and execute arbitrary code in kernel mode.

The vulnerability of the Win32k component of the Windows operating system is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code in kernel mode through a specially created application...

PT-2019-6076 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.2 Description: The issue is related to the use of memory after it has been freed in the block subsystem of the Linux kernel, specifically involving the blk mq free rqs and blk cleanup queue functions. This can...

The vulnerability of the Win32k component of the Windows operating system, which allows a hacker to execute arbitrary code in kernel mode

The vulnerability of the Win32k component of the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability allows an attacker to execute arbitrary code in kernel mode using a specially created application...