Lucene search
+L

35 matches found

OSV
OSV
added 2021/08/05 9:15 p.m.8 views

CVE-2021-21792

An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet IRP can lead to privileged reads in the context of a driver which can result in sensitive information...

5.5CVSS5.8AI score0.0034EPSS
Exploits1References1
CVE
CVE
added 2021/08/05 8:5 p.m.74 views

CVE-2021-21792

The CVE-2021-21792 issue affects IOBit Advanced SystemCare Ultimate 14.2.0.220, where the driver mishandles Privileged I/O read requests via IRP_MJ_DEVICE_CONTROL, allowing a local attacker to perform privileged IN reads from the kernel. TALOS-2021-1255 documents a local exploit path where an att...

6.5CVSS5AI score0.0034EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/08/05 8:4 p.m.67 views

CVE-2021-21790

The CVE-2021-21790 issue affects IOBit Advanced SystemCare Ultimate 14.2.0.220: a flaw in the driver’s handling of Privileged I/O read requests allows a local attacker to trigger privileged reads from the kernel via crafted IRPs, potentially disclosing sensitive kernel data. TALOS details cover C...

6.5CVSS5AI score0.00336EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/07/16 12:0 a.m.155 views

openSUSE 15 Security Update : kernel (openSUSE-SU-2021:2352-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2352-1 advisory. - In hidinputchangeresolutionmultipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could...

7.8CVSS7.3AI score0.00922EPSS
Exploits5References54
Apple
Apple
added 2020/12/15 6:4 a.m.98 views

About the security content of watchOS 7.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

9.3CVSS1.1AI score0.22178EPSS
Exploits2Affected Software1
CNVD
CNVD
added 2020/10/26 12:0 a.m.7 views

Apple macOS Catalina Kernel Information Disclosure Vulnerability

Apple macOS Catalina is an operating system from Apple on the Mac platform. A security vulnerability exists in the processing memory of Apple macOS Catalina, which can be exploited by a remote attacker to submit a special request that can be parsed by the user and can be used to obtain sensitive...

5.5CVSS6.5AI score0.00857EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.21 views

FreeBSD : FreeBSD -- Kernel stack disclosure in UFS/FFS (ff82610f-b309-11e9-a87f-a4badb2f4699)

A bug causes up to three bytes of kernel stack memory to be written to disk as uninitialized directory entry padding. This data can be viewed by any user with read access to the directory. Additionally, a malicious user with write access to a directory can cause up to 254 bytes of kernel stack...

6.5CVSS6.3AI score0.01567EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2019/07/26 12:9 a.m.39 views

CVE-2019-5605

Removed by vendor...

6.8CVSS6.5AI score0.02327EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/05/10 12:0 a.m.84 views

Symantec Endpoint Protection Client 12.1.x / 14.x < 14.2.3332.1000 Kernel Memory Disclosure (SYMSA1479)

The version of Symantec Endpoint Protection SEP Client installed on the remote host is 12.1.x or 14.0.x prior to 14.2.3332.1000. It is, therefore, affected by kernel memory disclosure vulnerability. A specially crafted IRP request can cause disclosure of uninitialized memory. Note that Nessus has...

6.5CVSS6.5AI score0.00386EPSS
Exploits0References3
Prion
Prion
added 2019/04/03 6:29 p.m.21 views

Input validation

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6...

4.9CVSS4.5AI score0.00316EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2018/09/13 12:29 a.m.11 views

CVE-2018-8442

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows...

5.5CVSS5.5AI score0.02782EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.37 views

Microsoft Windows - &#039;nt!NtQueryVirtualMemory (MemoryImageInformation)&#039; Kernel 64-bit Stack Memory Disclosure

/ We have discovered that the nt!NtQueryVirtualMemory system call invoked with the MemoryImageInformation 0x6 information class discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects 64-bit versions of Windows 8 to 10. The layout of the corresponding output...

7AI score
Exploits0
OSV
OSV
added 2017/01/12 3:59 p.m.3 views

CVE-2016-8407

An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising ...

4.7CVSS7.3AI score0.01046EPSS
Exploits0References2
FreeBSD Advisory
FreeBSD Advisory
added 2014/11/04 12:0 a.m.14 views

FreeBSD-SA-14:25.setlogin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:25.setlogin Security Advisory The FreeBSD Project Topic: Kernel stack disclosure in setlogin2 / getlogin2 Category: core Module: kernel Announced: 2014-11-04...

2.1CVSS6AI score0.00392EPSS
Exploits0
The Hacker News
The Hacker News
added 2012/10/27 5:59 p.m.10 views

Hacker dump database from US Government and Military websites

Internet Activist and collective hacker group "NullCrew" released a huge dump of 7,000 names-passwords database from US Government websites and 2000 names-passwords database from Military websites. Hacker claimed to hack into five websites, including Montana's Official State Website, United...

6.9AI score
Exploits0
Rows per page
Query Builder