6610 matches found
The vulnerability of the Android camera driver from the CAF repository, which allows a hacker to perform rewrites in the kernel memory.
The vulnerability of the Android camera driver in the CAF repository is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to perform overwriting operations in the kernel memory remotely...
Invincea-X SboxDrv.sys Version Number Query Local Privilege Escalation Vulnerability(CVE-2016-9038)
Summary An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory corruption, which could result in privilege escalation. An attacker needs to execute a specia...
CVE-2017-8685
Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8684 and CVE-2017-8688...
CVE-2017-8684
Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability". This CVE ID is...
CVE-2017-8688
Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GD...
CVE-2017-8688
Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GD...
CVE-2017-8677
The Windows GDI+ component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly discloses kerne...
Information disclosure
Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GD...
Information disclosure
Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability". This CVE ID is...
Information disclosure
Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8684 and CVE-2017-8688...
CVE-2017-8688
CVE-2017-8688 is a Windows GDI+ information-disclosure issue that leaks kernel-memory addresses through GDI+ memory handling. Affected products include Windows 7 SP1, 8.1, Server 2008 SP2/R2 SP1, and Windows 10 variants up to 1703/Server 2016. Connected analysis documents reveal related kernel me...
CVE-2017-8677
The Windows GDI+ component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly discloses kerne...
CVE-2017-8688
Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GD...
Microsoft Windows GDI+ Information Disclosure Vulnerability (CNVD-2017-33471)
Microsoft Windows Server 2008 SP2 and others are a series of operating systems released by Microsoft.GDI+ component is one of the graphics components. An information disclosure vulnerability exists in the GDI+ component of Microsoft Windows, which arises from a program's failure to properly publi...
Microsoft Windows GDI+ Information Disclosure Vulnerability (CNVD-2017-33472)
Microsoft Windows Server 2008 SP2 and others are a series of operating systems released by Microsoft.GDI+ component is one of the graphics components. An information disclosure vulnerability exists in the GDI+ component of Microsoft Windows, which arises from a program's failure to properly publi...
Windows GDI+ Information Disclosure Vulnerability
A information disclosure vulnerability exists when the Windows GDI+ component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would...
Windows GDI+ Information Disclosure Vulnerability
A information disclosure vulnerability exists when the Windows GDI+ component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would...
Google Android Qualcomm Linux kernel privilege acquisition vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, and the Qualcomm Linux kernel is one of the Qualcomm Linux kernels. A security vulnerability exists in the Qualcomm Linux kernel in Android. An attacker can exploit the...
kernel: mm subsystem does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism
The mm subsystem in the Linux kernel through 4.10.10 does not properly enforce the CONFIGSTRICTDEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte and bypass slab-allocation access restrictions via an application that opens the...
kernel: net: sctp_v6_create_accept_sk function mishandles inheritance
The sctpv6createacceptsk function in net/sctp/ipv6.c in the Linux kernel mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. An unprivileged local user could use this fl...