CVE-2020-17402

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4 47270. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

CVE-2020-17396

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

Microsoft Windows PFB Font File Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the parsing of...

FreeBSD competitive conditions loophole (CNVD-2020-47966)

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A Competitive Condition Issue vulnerability exists in the handling of parameters in FreeBSD. An attacker could exploit this vulnerability to elevate privileges and execute code in the context of the kernel...

FreeBSD Kernel sendmsg System Call Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

PT-2020-6679 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.6 iPadOS versions prior to 13.6 tvOS versions prior to 13.4.8 Description: The issue is related to a memory corruption problem in the AVEVideoEncoder component, which can lead to a buffer overflow. This can potentiall...

Microsoft Windows PFB Font File Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the parsing of...

PT-2020-20789 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.5 iPadOS versions prior to 13.5 macOS Catalina versions prior to 10.15.5 Description: A memory corruption issue was addressed with improved state management, allowing an application to potentially execute arbitrary co...

CVE-2020-10067

A malicious userspace application can cause a integer overflow and bypass security checks performed by system call handlers. The impact would depend on the underlying system call and can range from denial of service to information leak to memory corruption resulting in code execution within the...

CVE-2020-7452

In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r357489, and 11.3-RELEASE before 11.3-RELEASE-p7, incorrect use of a user-controlled pointer in the epair virtual network module allowed vnet jailed privileged users to panic the host system and...

CVE-2020-8876

This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

Parallels Desktop Buffer Overflow Vulnerability

Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Corel Canada. A buffer overflow vulnerability exists in the IOCTL processor in Parallels Desktop, which stems from the program failing to properly validate user-submitted data. An attacker could exploit the...

Google Android V4l2 cam_actuator_driver_cmd Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Google Android. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

The vulnerability of the DirectX component of the Windows operating system allows attackers to elevate their privileges and execute arbitrary code in kernel mode.

The vulnerability of the DirectX component of the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code in kernel mode using a specially created application...

Apple macOS SCSITaskUserClient Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SCSITaskUserClient...

CUJO Smart Firewall threatd hostname reputation check code execution vulnerability

Summary An exploitable vulnerability exists in the safe browsing function of the CUJO Smart Firewall, version 7003. The flaw lies in the way the safe browsing function parses HTTP requests. The server hostname is extracted from captured HTTP/HTTPS requests and inserted as part of a Lua statement...

Google Android DTS Sound Driver Elevation of Privilege Vulnerability

Google Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA.Qualcomm Wi-Fi Driver is a wifi driver. An elevation of privilege vulnerability exists in Google Android DTS Sound Driver. An attacker can exploit this vulnerability to...

Google Android Qualcomm Shared Memory Driver Elevation of Privilege Vulnerability

Google Android is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA, and the Qualcomm Shared Memory Driver is a Qualcomm-developed shared memory driver that is used in the... The Qualcomm Shared Memory Driver is a Qualcomm-developed shared memory...

The vulnerability of NVIDIA’s Android operating system video driver allows a hacker to execute arbitrary code.

The vulnerability of NVIDIA’s Android operating system video driver is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code within the kernel context remotely...

CVE-2017-0606

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...