EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1245)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The iscsiifrx function in drivers/scsi/scsitransportiscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service...

Information disclosure

Microsoft GDI Component in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to log on to an affected system and run a specially crafted application to compromise the user's system, due improperly disclosing kernel memory addresses, aka "Windows GDI Information Disclosure...

CVE-2017-11852

Microsoft GDI Component in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to log on to an affected system and run a specially crafted application to compromise the user's system, due improperly disclosing kernel memory addresses, aka "Windows GDI Information Disclosure...

Windows GDI Information Disclosure Vulnerability

A Win32k information disclosure vulnerability exists when the Windows GDI component improperly discloses kernel memory addresses. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker...

KB4048952: Windows 10 Version 1511 November 2017 Cumulative Update

The remote Windows host is missing security update 4048952. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an...

KB4048955: Windows 10 Version 1709 and Windows Server Version 1709 November 2017 Cumulative Update

The remote Windows host is missing security update 4048955. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an...

Microsoft Edge browser’s vulnerability, related to improper processing of JavaScript object instances in memory, allows attackers to execute arbitrary code.

The vulnerability of Microsoft Edge relates to the improper handling of JavaScript objects in memory by the kernel. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, using a specially crafted web page...

Linux Kernel 4.13 (Ubuntu 17.10) - waitid() SMEPSMAPChrome Sandbox Privilege Escalation

Linux Kernel 4.13 Ubuntu 17.10 - waitid SMEPSMAPChrome Sandbox Privilege Escalation // Proof of concept exploit for waitid bug introduced in Linux Kernel 4.13 // By Chris Salls twitter.com/chrissalls // This exploit can be used to break out out of sandboxes such as that in google chrome // In thi...

Linux Kernel 4.13 (Ubuntu 17.10) - 'waitid()' SMEP/SMAP/Chrome Sandbox Privilege Escalation

// Proof of concept exploit for waitid bug introduced in Linux Kernel 4.13 // By Chris Salls twitter.com/chrissalls // This exploit can be used to break out out of sandboxes such as that in google chrome // In this proof of concept we install the seccomp filter from chrome as well as a chroot, //...

F5 Networks BIG-IP : Linux kernel vulnerability (K05513373)

The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging access to a /dev/sg device...

DEBIAN-CVE-2017-1000255

On Linux running on PowerPC hardware Power8 or later a user process can craft a signal frame and then do a sigreturn so that the kernel will take an exception interrupt, and use the r1 value from the signal frame as the kernel stack pointer. As part of the exception entry the content of the signa...

CVE-2017-1000255

On Linux running on PowerPC hardware Power8 or later a user process can craft a signal frame and then do a sigreturn so that the kernel will take an exception interrupt, and use the r1 value from the signal frame as the kernel stack pointer. As part of the exception entry the content of the signa...

CVE-2017-13682

In Symantec Encryption Desktop before SED 10.4.1 MP2HF1, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released. In object-oriented programming, a memory leak...

CVE-2017-13682

In Symantec Encryption Desktop before SED 10.4.1 MP2HF1, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released. In object-oriented programming, a memory leak...

CVE-2017-13683

In Symantec Endpoint Encryption before SEE 11.1.3HF3, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released. In object-oriented programming, a memory leak ma...

CVE-2017-13683

Symantec Endpoint Encryption (SEE) prior to 11.1.3HF3 contains a kernel memory leak vulnerability (memory resource leak). The issue is addressed in SEE 11.1.3HF3 and in Symantec Encryption Desktop (SED) 10.4.1 MP2HF1; updating to these versions mitigates the vulnerability. CNVD/SEC sources descri...

CVE-2017-7116

An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to read data from kernel memory locations via crafted Wi-Fi traffic...

Memory corruption

An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to read data from kernel memory locations via crafted Wi-Fi traffic...

CVE-2017-7116

An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to read data from kernel memory locations via crafted Wi-Fi traffic...

CVE-2017-7116

CVE-2017-7116 affects Apple devices (iOS < 11, tvOS < 11, watchOS