Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-40816)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. Samsung mobile devices have a security vulnerability that can be exploited by attackers to bypass the ko i.e. kernel module signature by modifying the number of...

CVE-2019-11487

A flaw was found in the Linux kernel's implementation of the FUSE filesystem, where it allows a page reference counter overflow. If a page reference counter overflows into a negative value, it can be placed back into the "free" list for reuse by other applications. This flaw allows a local attack...

CVE-2017-18689

An issue was discovered on Samsung mobile devices with M6.0 and N7.0 Exynos5433, Exynos7420, or Exynos7870 chipsets software. An attacker can bypass a ko aka Kernel Module signature by modifying the count of kernel modules. The Samsung ID is SVE-2016-7466 January 2017...

CVE-2017-18689

An issue was discovered on Samsung mobile devices with M6.0 and N7.0 Exynos5433, Exynos7420, or Exynos7870 chipsets software. An attacker can bypass a ko aka Kernel Module signature by modifying the count of kernel modules. The Samsung ID is SVE-2016-7466 January 2017...

CVE-2017-18689

The CVE-2017-18689 issue affects Samsung mobile devices running M(6.0) and N(7.0) on Exynos5433/7420/7870 chipsets. A attacker can bypass the Kernel Module (ko) signature by modifying the count of kernel modules, enabling loading unsigned modules. This is described across Red Hat/Samsung CNVD and...

The vulnerability of the `ieee802154_create` function in the `net/ieee802154/socket.c` module of the AF_IEEE802154 kernel of the Linux operating system, related to default access rights settings, allows an attacker to compromise data integrity.

The vulnerability of the ieee802154create function in the net/ieee802154/socket.c module of the AFIEEE802154 module in the Linux kernel is related to a lack of mechanisms for standard permissions. Exploiting this vulnerability could allow unauthorized access to data integrity...

CVE-2020-7053

A use-after-free flaw was found in the Linux kernel’s GPU driver functionality when destroying GEM context. A local user could use this flaw to crash the system or potentially escalate their privileges. Mitigation In case of dedicated graphic card presence and i915 GPU is not being used, you can...

CVE-2019-14615

An information disclosure flaw was found in the Linux kernel. The i915 graphics driver lacks control of flow for data structures which may allow a local, authenticated user to disclose information when using ioctl commands with an attached i915 device. The highest threat from this vulnerability i...

CVE-2019-15219

A NULL pointer dereference flaw was found in the way the USB2VGA dongles driver in the Linux kernel handled failed initialization. This flaw allows an attacker able to insert USB2VGA dongles into the system to crash the system. Mitigation To mitigate this issue, prevent module sisusbvga from bein...

Parallels Desktop OS X Host Kernel Module Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the IOCTL handler...

Parallels Desktop OS X Host Kernel Module Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the IOCTL handler...

CVE-2020-5960

NVIDIA Virtual GPU Manager contains a vulnerability in the kernel module nvidia.ko, where a null pointer dereference may occur, which may lead to denial of service...

Null pointer dereference

NVIDIA Virtual GPU Manager contains a vulnerability in the kernel module nvidia.ko, where a null pointer dereference may occur, which may lead to denial of service...

CVE-2020-5960

NVIDIA Virtual GPU Manager contains a vulnerability in the kernel module nvidia.ko, where a null pointer dereference may occur, which may lead to denial of service...

CVE-2020-5960

CVE-2020-5960 affects NVIDIA Virtual GPU Manager, specifically the kernel module nvidia.ko, where a null pointer dereference can lead to a denial of service. The connected sources confirm this as a local-risk issue in vGPU software, with the vulnerability impacting the kernel‑mode driver. NVIDIA’...

NVIDIA Virtual GPU Manager Denial of Service Vulnerability

NVIDIA Virtual GPU Manager is an NVIDIA virtual GPU management software from NVIDIA. A security vulnerability exists in the kernel module nvidia.ko in NVIDIA Virtual GPU Manager. An attacker could exploit this vulnerability to cause a denial of service...

DEBIAN-CVE-2013-4088

Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System OTRS 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket spl...

CVE-2019-19077

A memory leak flaw was found in the Broadcom NetXtreme HCA driver in the Linux kernel, in the way it handled resource cleanup on the copy to userspace error. This flaw allows a local attacker to trigger this error and crash the system. Mitigation In order to mitigate this issue it is possible to...

CVE-2019-19966

A use-after-free flaw was found in the Linux kernel module, cpia2, in how it handled camera connections. This flaw allows an attacker with physical access to crash the system. Mitigation To mitigate this issue, prevent module cpia2 from being loaded. Please see for how to blacklist a kernel modul...

Reliable Datagram Sockets (RDS) rds_atomic_free_op Privilege Escalation Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Reliable Datagram Sockets RDS rdsatomicfreeop NULL pointer dereference Privilege Escalation', 'Description' = %q This module attempts to gain roo...