Panda Kernel Memory Access Driver Code Execution Vulnerability

Panda Security products is prone to a code execution vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

New GhostHook Attack Bypasses Windows 10 PatchGuard Protections

Vulnerabilities discovered in Microsoft PatchGuard kernel protection could allow hackers to plant rootkits on computers running the company's latest and secure operating system, Windows 10. Researchers at CyberArk Labs have developed a new attack technique which could allow hackers to completely...

Google Android MediaTek Camera Driver Elevation of Privilege Vulnerability

Google Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA.MediaTek is a MediaTek component used in one of MediaTek's devices. An elevation of privilege vulnerability exists in Google Android MediaTek Camera Driver. An attacker can...

Google Patches 6 Critical Android Mediaserver Bugs in May Security Update

In Brief Google has released its monthly security patches for Android this week, addressing 17 critical vulnerabilities, 6 of which affect Android Mediaserver component that could be used to execute malicious code remotely. Besides patches for Mediaserver, Google also fixed 4 critical...

The vulnerability of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of kernel-level drivers in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor, operating locally, to enhance their privileges through a specially crafted application...

Privilege escalation

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of Synaptics’ sensor screen driver in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary local malware code within the kernel context. This issue is considered “high” because it...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability related to privilege escalation in the NVIDIA GPU operating system for Android is linked to access control deficiencies. Exploiting this vulnerability allows a remote attacker to execute arbitrary code of a local malicious application within the kernel context. This issue is...

Hardening Windows 10 with zero-day exploit mitigations

Cyberattacks involving zero-day exploits happen from time to time, affecting different platforms and applications. Over the years, Microsoft security teams have been working extremely hard to address these attacks. While delivering innovative solutions like Windows Defender Application Guard, whi...

CVE-2016-8447

An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged...

Mac OS X Multiple Vulnerabilities (Security Updates 2016-003 / 2016-007)

The remote host is running a version of Mac OS X 10.10.5 or 10.11.6 that is missing a security update. It is therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exists in the sslparseclienthellotlsext function within file ssl/t1lib.c when handling oversize OCSP...

Microsoft Patches Publicly Disclosed IE, Edge Vulnerabilities

Microsoft today patched a half-dozen critical browser vulnerabilities that have been publicly disclosed, but apparently not used in attacks as of yet. The critical Internet Explorer and Microsoft Edge bulletins are among six released today, along with six others with a severity rating of importan...

Windows 10 Attack Surface Grows with Linux Support in Anniversary Update

Microsoft’s release of Windows Anniversary Update last week included an optional feature called Windows Subsystem for Linux that allows native support for Linux binaries. That has some security experts concerned the Windows 10 attack surface has been expanded. The threat, according to Alex Ionesc...

Little Snitch Bug Leaves Some Mac Systems Open to Attack

Trusted Mac OS X firewall Little Snitch is vulnerable to local privilege escalation attacks that could give criminals the ability plant rootkits and keyloggers on some El Capitan systems. The Little Snitch firewall vulnerability was found by Synack Director of Research and well-known OS X hacker...

April 2016 Google Android Nexus Security Bulletin

Google has patched a vulnerability being exploited in the wild to root Nexus 5 Android devices. The public exploit—a rooting application—was privately disclosed to Google on March 15 by Zimperium researchers, and a less than a month after CORE Team researchers reported that CVE-2015-1805, which w...

Microsoft Windows USB Mass Storage CVE-2016-0133 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Technologies Affected Microsoft...

German Government Audits TrueCrypt

TrueCrypt continues to fascinate even though it hasn’t been updated in more than a year and has been cleared of backdoors in more than one extensive audit. The German government’s Federal Office for Information Security BSI is the latest to inspect and analyze the security of the abandoned open...

AndroidVTS: Android cell phone vulnerabilities the defect detection App-vulnerability warning-the black bar safety net

Android users now have a light weight cell phone vulnerabilities the defect inspection tool to help users check their phone if there is a corresponding vulnerability. The tool is called Android VTS Vulnerability Test Suite, is Nownature released an app of the application tool. Android VTS is base...

Multiprotocol Network Emulator – Simulator: IMUNES

IMUNES GUI is a simple Tcl/Tk based management console, allowing for specification and management of virtual network topologies. The emulation execution engine itself operates within the operating system kernel. Univesity of Zagreb developed a realistic network topology emulation / simulation...

August 2015 Apple QuickTime Security Patches

Apple on Thursday pushed out a new version of QuickTime for Windows that patched nine vulnerabilities, including a handful reported Aug. 13 by Cisco Talos and Fortinet researchers. All five flaws, if exploited, could lead to a crash of the media player or code execution in some cases, Apple said ...