CVE-2020-9813

A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges...

About the security content of tvOS 13.4.6 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

About the security content of watchOS 6.2.6 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

CVE-2020-10027

An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions...

CVE-2020-10027

An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions...

CVE-2020-0030

In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

PT-2020-1243 · Google +5 · Android Kernel +5

Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to the uvc scan chain forward function in uvc driver.c, which could lead to linked list corruption due to an unusual root cause. This may result in loca...

Apple iOS and Apple macOS Mojave IOKit SCSI Component Memory Corruption Vulnerability

Apple iOS and Apple macOS Mojave are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple macOS Mojave is a specialized operating system developed for Mac computers. A security vulnerability exists in the IOKit SCSI component in Apple iOS versions prior...

UBUNTU-CVE-2019-18425

An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest operations, descriptor table accesses are performe...

About the security content of tvOS 13.2

About the security content of tvOS 13.2 This document describes the security content of tvOS 13.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

Apple macOS Catalina AMD Component Memory Corruption Vulnerability

Apple macOS Catalina is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in the AMD component of Apple macOS Catalina versions prior to 10.15. The vulnerability can be exploited by an attacker to execute arbitrary code with kernel privilege...

About the security content of tvOS 12.1.2 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

macOS 10.14.x < 10.14.6 Multiple Vulnerabilities

The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.6. It is, therefore, affected by multiple vulnerabilities : - An application may be able to read restricted memory CVE-2019-8691, CVE-2019-8692, CVE-2019-8693 - Extracting a zip file containing a symbolic link...

CVE-2019-1018

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with...

About the security content of Xcode 10.2

About the security content of Xcode 10.2 This document describes the security content of Xcode 10.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

About the security content of watchOS 5.1.3

About the security content of watchOS 5.1.3 This document describes the security content of watchOS 5.1.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

Juniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917)

According to its self-reported version number, the remote Junos Space version is 18.4.x prior to 18.4R1. It is, therefore, affected by multiple vulnerabilities : - An integer overflow issue exists in procps-ng. This is related to CVE-2018-1124. CVE-2018-1126 - A directory traversal issue exits in...

EUVD-2018-10659

In the Linux kernel 4.15.x through 4.19.x before 4.19.2, mapwrite in kernel/usernamespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAPSYSADMIN in an affected user namespace can bypass access controls on resources...

USN-3822-1: Linux kernel vulnerabilities

Jim Mattson discovered that the KVM implementation in the Linux kernel mismanages the BP and OF exceptions. A local attacker in a guest virtual machine could use this to cause a denial of service guest OS crash. CVE-2016-9588 It was discovered that the generic SCSI driver in the Linux kernel did...

Trend Micro Antivirus for Mac Privilege Vulnerability

Trend Micro Antivirus is a professional anti-virus application developed by Trend Micro, a globally recognized leader in computer security.Trend Micro Antivirus for Mac is the Mac version. A lifting vulnerability exists in the 'KERedirect kext' function in Trend Micro Antivirus for Mac, which can...