782 matches found
CVE-2020-9909
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations...
CVE-2020-17393
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
Astra Linux - уязвимость в linux-5.10
The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the...
Google ChromeOS Post-Release Usage Vulnerability
Google ChromeOS is an operating system based on the Linux kernel. Google ChromeOS suffers from a use-after-release vulnerability that stems from the presence of a competing conditional use-after-release reuse in the virtiotransportspaceupdate function, which can be exploited by an attacker to cau...
CVE-2025-1290
A race condition Use-After-Free vulnerability exists in the virtiotransportspaceupdate function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtiovsocksock structure during an AFVSOCK connect syscall can occur before a worker thread accesses it resulting in a...
CVE-2025-1290
A race condition Use-After-Free vulnerability exists in the virtiotransportspaceupdate function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtiovsocksock structure during an AFVSOCK connect syscall can occur before a worker thread accesses it resulting in a...
Google ChromeOS Kernel 安全漏洞
Google ChromeOS is an operating system based on the Linux kernel. Google ChromeOS suffers from a use-after-release vulnerability that stems from the presence of a competing conditional use-after-release reuse in the virtiotransportspaceupdate function, which can be exploited by an attacker to cau...
PT-2025-16016
Name of the Vulnerable Software and Affected Versions Arm Ltd Valhall GPU Kernel Driver versions r29p0 through r53p0 Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver versions r41p0 through r53p0 TP-Link Smart Hub versions prior to an unspecified fixed version Description A Use After Free issue ...
CVE-2025-0287
Various Paragon Software products contain a null pointer dereference vulnerability within biontdrv.sys that is caused by a lack of a valid MasterLrp structure in the input buffer, allowing an attacker to execute arbitrary code in the kernel, facilitating privilege escalation...
PT-2025-9249
Name of the Vulnerable Software and Affected Versions Paragon Partition Manager version 7.9.1 Description The issue is caused by a null pointer dereference vulnerability within biontdrv.sys, resulting from a lack of a valid MasterLrp structure in the input buffer. This allows an attacker to execu...
CVE-2025-0373 Buffer overflow in some filesystems via NFS
On 64-bit systems, the implementation of VOPVPTOFH in the cd9660, tarfs and ext2fs filesystems overflows the destination FID buffer by 4 bytes, a stack buffer overflow. A NFS server that exports a cd9660, tarfs, or ext2fs file system can be made to panic by mounting and accessing the export with ...
VulnCheck KEV: CVE-2023-3269
A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas VMAs is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers,...
About the security content of macOS Ventura 13.6.8
About the security content of macOS Ventura 13.6.8 This document describes the security content of macOS Ventura 13.6.8. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
CVE-2024-1305
tap-windows6 driver version 9.26 and earlier does not properly check the size data of incomming write operations which an attacker can use to overflow memory buffers, resulting in a bug check and potentially arbitrary code execution in kernel space...
Exploit for Improper Input Validation in Google Android
Exploit for CVE-2022-20186 The write up can be found here...
Linux Kernel USB Core Out-Of-Bounds Read Local Privilege Escalation Vulnerability
This vulnerability allows physically present attackers to escalate privileges on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of USB descriptors. The issue results from the lack of proper...
CVE-2024-27840
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5. An attacker that has already achieved kernel code execution may be able to bypa...
CVE-2024-27840
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2, watchOS 10.5. An attacker that has already achieved kernel code execution may be able to bypa...
CVE-2024-27840
CVE-2024-27840 affects Apple platforms including macOS (Ventura 13.x, Monterey 12.x), iOS/iPadOS, tvOS, visionOS, and watchOS. The issue is described as a memory handling problem where an attacker who already has kernel code execution may bypass kernel memory protections. The vulnerability is fix...
CVE-2024-27828
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to execute arbitrary code with kernel privileges...