169 matches found
CVE-2015-3691
The Monitor Control Command Set kernel extension in the Display Drivers subsystem in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages control of a function pointer...
CVE-2015-3691
The CVE-2015-3691 issue affects Apple OS X 10.10.x: the Monitor Control Command Set kernel extension in Display Drivers allows a crafted app to take control of a function pointer and execute arbitrary code in a privileged context. The root cause is within that kernel extension’s handling of funct...
CVE-2015-3720
The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs, which allows attackers to obtain sensitive memory-layout information via a crafted app...
Apple MAC OS X kextd Symbolic Link Arbitrary File Overwrite Vulnerability
Apple Mac OS X is a commercial operating system. Apple Mac OS X kextd suffers from a symbolic link vulnerability that allows attackers to run malicious applications and overwrite arbitrary files...
Apple MAC OS X Monitor Control Command Set Kernel Extension Arbitrary Code Execution Vulnerability
Apple Mac OS X is a commercial operating system. A security vulnerability in Apple Mac OS X's handling of the Monitor Control Command Set kernel extension allows an attacker to run a malicious application to control function pointers in the kernel and execute arbitrary code...
Apple TV < 7.0.3 Multiple Vulnerabilities
According to its banner, the remote Apple TV device is a version prior to 7.0.3. It is, therefore, affected by the following vulnerabilities : - Multiple memory corruption issues exist, related to the included version of WebKit, that allow application crashes or arbitrary code execution...
Apple TV and iOS API-related kernel extension information disclosure vulnerability
Apple iOS is the latest operating system for Apple's iPhone and iPod touch devices. Apple TV is Apple's way of allowing photos, videos and music from PCs and iPods to be transmitted wirelessly to a TV in high definition. An information disclosure vulnerability exists in the kernel extension relat...
Yosemite discovered a local privilege escalation vulnerability-vulnerability warning-the black bar safety net
Overview: following the previous research, we for Mac OS X the latest version of Yosemite 10.10.1 on IOBluetoothHCIController services were performed on more test results and found that in addition to 5 security vulnerabilities. We have the related issues submitted to the Apple Security, and, on...
CVE-2014-4380
The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application...
Design/Logic Flaw
The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application...
CVE-2014-4380
The IOHIDFamily kernel extension in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code in the kernel's context via a crafted application...
CVE-2014-4380
Concretely, CVE-2014-4380 is tied to IOHIDFamily in macOS (OS X Yosemite 10.10.x up to 10.10.2). The issue is a heap buffer overflow in IOHIDFamily's handling of key-mapping properties that could allow a local user to execute arbitrary code with system privileges. Mitigation in the connected doc ...
AIX 5.3 TL 12 : syscall (IV22694)
A kernel extension call is exported to user space without proper sanity checks causing a system crash. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the description was extracted from AIX Security Advisory syscalladvisory.asc. include'deprecatednasllevel.inc';...
AIX 7.1 TL 1 : syscall (IV22697)
A kernel extension call is exported to user space without proper sanity checks causing a system crash. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the description was extracted from AIX Security Advisory syscalladvisory.asc. include'deprecatednasllevel.inc';...
AIX 6.1 TL 7 : syscall (IV22695)
A kernel extension call is exported to user space without proper sanity checks causing a system crash. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the description was extracted from AIX Security Advisory syscalladvisory.asc. include'deprecatednasllevel.inc';...
Apple iOS < 6.0.1 Multiple Vulnerabilities
Binary data 6615.prm...
IBM AIX和Virtual I/O Server 'dupmsg'系统呼叫本地拒绝服务漏洞
BUGTRAQ ID: 54706 CVE ID: CVE-2012-0723 AIX是一个基于开放标准的UNIX操作系统,为用户提供企业信息技术基础架构。Virtual I/O Server 提供了命令行的管理方式,通过命令行可以管理VIOS。 IBM AIX和Virtual I/O Server在导出"dupmsg"内核扩展调用到用户空间时存在错误,在实现上存在本地拒绝服务漏洞,攻击者可利用此漏洞使受影响计算机崩溃。 0 IBM AIX 7.x IBM AIX 6.x IBM AIX 5.x IBM Virtual I/O Server VIOS 2.x 厂商补丁: IBM ---...
CVE-2010-1794
The webdavmount function in webdavvfsops.c in the WebDAV kernel extension aka webdavfs.kext for Mac OS X 10.6 allows local users to cause a denial of service panic via a mount request with a large integer in the pasocketnamelen field...
Design/Logic Flaw
The webdavmount function in webdavvfsops.c in the WebDAV kernel extension aka webdavfs.kext for Mac OS X 10.6 allows local users to cause a denial of service panic via a mount request with a large integer in the pasocketnamelen field...
CVE-2010-1794
CVE-2010-1794 affects Mac OS X WebDAV kernel extension (webdav_fs.kext) prior to or in 10.6.x. The vulnerability resides in webdav_mount() where user-supplied pa_socket_namelen is copied into MALLOC without bounds checking, allowing a local unprivileged user to trigger a kernel panic by issuing a...