
137 matches found

CNVD
added 2019/03/28 12:0 a.m. | 1 views

Apple macOS Mojave Kernel Buffer Overflow Vulnerability (CNVD-2019-14423)

Apple macOS Mojave is a specialized operating system developed by Apple for Mac computers. Kernel is one of the kernel components. A buffer overflow vulnerability exists in the Kernel component of Apple macOS Mojave versions prior to 10.14.4. An attacker could exploit this vulnerability to execute...

CVSS 7.8 | AI score 7.8 | EPSS 0.00422
Exploits: 0 | References: 1
Exploit DB
added 2019/01/31 12:0 a.m. | 53 views

macOS < 10.14.3 / iOS < 12.1.3 - Kernel Heap Overflow in PF_KEY due to Lack of Bounds Checking when Retrieving Statistics

Inspired by Ned Williamson's fuzzer I took a look at the netkey code. key_getsastat handles SADB_GETSASTAT messages: It allocates a buffer based on the number of SAs there currently are: bufsize = (ipsec_sav_count + 1) * sizeof(*sa_stats_sav); KMALLOC_WAIT(sa_stats_sav, __typeof__(sa_stats_sav), bufsize); It the...

AI score 7.4
Exploits: 0
exploitpack
added 2019/01/31 12:0 a.m. | 36 views

macOS 10.14.3 iOS 12.1.3 - Kernel Heap Overflow in PF_KEY due to Lack of Bounds Checking when Retrieving Statistics

macOS 10.14.3 iOS 12.1.3 - Kernel Heap Overflow in PF_KEY due to Lack of Bounds Checking when Retrieving Statistics. Inspired by Ned Williamson's fuzzer I took a look at the netkey code. key_getsastat handles SADB_GETSASTAT messages: It allocates a buffer based on the number of SAs there currently...

AI score 0.9
Exploits: 0
BDU FSTEC
added 2018/12/25 12:0 a.m. | 7 views

The vulnerability of the ICMP packet processing module in the XNU kernel of iOS and macOS operating systems allows attackers to execute arbitrary code.

The vulnerability of the ICMP packet processing module in the XNU kernel of iOS and macOS operating systems is caused by an overflow in the buffer in the “stack”. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using specially crafted ICMP packets...

CVSS 9.6 | AI score 8.4 | EPSS 0.2201
Exploits: 11 | References: 3 | Affected Software: 2
GithubExploit
added 2018/11/02 10:0 p.m. | 8 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Iphone_Os

node-cve-2018-4407 Node.js PoC exploit code for CVE-2018-4407...

CVSS 8.8 | AI score 7.3 | EPSS 0.2201
Exploits: 11
OSV
added 2018/09/25 9:29 p.m. | 1 views

DEBIAN-CVE-2018-14634

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID or otherwise privileged binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable...

CVSS 7.8 | AI score 7.6 | EPSS 0.14806
Exploits: 6 | References: 1
seebug.org
added 2018/06/08 12:0 a.m. | 61 views

MacOS/iOS kernel heap overflow due to lack of lower size check in getvolattrlist(CVE-2018-4243)

getvolattrlist takes a user controlled bufferSize argument via the fgetattrlist syscall. When allocating a kernel buffer to serialize the attr list to there's the following comment: / Allocate a target buffer for attribute results. Note that since we won't ever copy out more than the caller...

AI score 8.2 | EPSS 0.18765
Exploits: 6
OSV
added 2017/12/20 12:0 a.m. | 3 views

UBUNTU-CVE-2017-17806

The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to caus...

CVSS 7.8 | AI score 6.9 | EPSS 0.00561
Exploits: 0 | References: 13
RedHat Linux
added 2017/10/19 1:24 p.m. | 5 views

kernel: Integer overflow in ip6_find_1stfragopt() causes infinite loop

An integer overflow vulnerability in the ip6_find_1stfragopt() function was found. A local attacker that has privileges of CAP_NET_RAW to open a raw socket can cause an infinite loop inside the ip6_find_1stfragopt() function...

CVSS 5.5 | AI score 6.8 | EPSS 0.00457
Exploits: 0 | References: 4
Exploit DB
added 2017/09/06 12:0 a.m. | 62 views

Jungo DriverWizard WinDriver < 12.4.0 - Kernel Pool Overflow / Local Privilege Escalation (1)

-- coding: utf-8 -- """ Jungo DriverWizard WinDriver Kernel Pool Overflow Vulnerability Download: http://www.jungo.com/st/products/windriver/ File: WD1240.EXE Sha1: 3527cc974ec885166f0d96f6aedc8e542bb66cba Driver: windrvr1240.sys Sha1: 0f212075d86ef7e859c1941f8e5b9e7a6f2558ad CVE: CVE-2017-14153...

CVSS 7.8 | AI score 7.7 | EPSS 0.01821
Exploits: 6
BDU FSTEC
added 2017/04/13 12:0 a.m. | 9 views

The vulnerabilities of operating systems Mac OS X and iOS allow attackers to execute arbitrary code in a privileged context.

The vulnerability of the Kernel component in Mac OS X and iOS systems is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker to execute arbitrary code in a privileged context using a specially created application...

CVSS 9.3 | AI score 7.9 | EPSS 0.04756
Exploits: 2 | References: 6 | Affected Software: 2
BDU FSTEC
added 2017/04/13 12:0 a.m. | 6 views

The vulnerability of the Mac OS X operating system and the iOS operating system allows a perpetrator to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of the Kernel component in the Mac OS X and iOS operating systems is caused by a numerical overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code in privileged contexts or cause a service failure using a specially created application...

CVSS 9.3 | AI score 8 | EPSS 0.01476
Exploits: 0 | References: 6 | Affected Software: 2
RedHat Linux
added 2017/03/02 5:6 p.m. | 8 views

kernel: Integer overflow when using kzalloc in vfio driver

The use of a kzalloc with an integer multiplication allowed an integer overflow condition to be reached in vfio_pci_intrs.c. This combined with CVE-2016-9083 may allow an attacker to craft an attack and use unallocated memory, potentially crashing the machine...

CVSS 7.8 | AI score 7.1 | EPSS 0.00375
Exploits: 0 | References: 4
BDU FSTEC
added 2016/06/09 12:0 a.m. | 6 views

The vulnerability of the Mac OS X operating system allows a hacker to execute arbitrary code in a privileged context.

The vulnerability of the dtrace dynamic tracing framework in the Mac OS X operating system’s kernel is caused by a numerical overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code in a privileged context using a specially created application...

CVSS 9.3 | AI score 7.9 | EPSS 0.0216
Exploits: 0 | References: 3 | Affected Software: 1
seebug.org
added 2016/03/23 12:0 a.m. | 39 views

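FreeBSD 10.2 64-bit kernel heap overflow vulnerability (CVE-2016-1885)

FreeBSD overview: FreeBSD is a UNIX-like open-source operating system that provides varying degrees of support for computer systems of different architectures. FreeBSD offers advanced networking, performance, security and compatibility features that are still missing from other modern operating systems, even some of the best commercial ones. In networking, FreeBSD's performance is also excellent. Under very heavy load, FreeBSD still runs stably, which is one of the reasons many network servers use FreeBSD. Vulnerability description: In FreeBSD...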

CVSS 4.9 | AI score 6.9 | EPSS 0.01263
Exploits: 6
CNVD
added 2016/01/21 12:0 a.m. | 6 views

Advantech WebAccess Integer Overflow Vulnerability

WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation devices in facility management systems, power stations and building automation systems. An integer overflow vulnerability exists in the Kernel service of Advantech WebAccess...

CVSS 10 | AI score 7.9 | EPSS 0.07571
Exploits: 0 | References: 1
BDU FSTEC
added 2015/10/01 12:0 a.m. | 7 views

The vulnerability of the iOS operating system allows a perpetrator to execute arbitrary code with elevated privileges or cause a service failure.

The vulnerability of the IOKit component in the iOS operating system’s kernel is caused by a buffer overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges or cause a service failure using a specially crafted application...

CVSS 9.3 | AI score 6.5 | EPSS 0.02695
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2015/08/28 12:0 a.m. | 7 views

Vulnerabilities of iOS and Mac OS X operating systems, allowing attackers to execute arbitrary code in a privileged context

The vulnerability of the kernel in iOS and Mac OS X operating systems is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker to execute arbitrary code in a privileged context remotely...

CVSS 9.3 | AI score 7.6 | EPSS 0.02832
Exploits: 0 | References: 5 | Affected Software: 2
RedHat Linux
added 2015/01/27 7:44 p.m. | 5 views

Kernel: ALSA: control: integer overflow in id.index & id.numid

An integer overflow flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use this flaw to crash the system...

CVSS 4.6 | AI score 6.7 | EPSS 0.005
Exploits: 0 | References: 4
myhack58
added 2014/12/07 12:0 a.m. | 26 views

MS14-063 (CVE-2014-4115) FAT32 drive kernel overflow analysis - vulnerability warning - the black bar safety net

Background: Recently, ICEWALL released a discussion of CVE-2014-4115 on its blog: http://www.icewall.pl/?p=680&lang=en It describes this vulnerability in detail: a malicious FAT32-formatted USB disk can cause the Windows kernel to crash. We look at what is going on. BSOD: First, let's look at t...

AI score 1.3
Exploits: 0