Intel Converged Security and Management Engine and Intel Server Platform Services Kernel subsystem authorization issue vulnerability

Intel Converged Security and Management Engine CSME and Intel Server Platform Services SPS are products of Intel Corporation.Intel Converged Security and Management Engine is a security management engine.Intel Server Platform Services is a server platform service program. Intel Converged Security...

CVE-2018-12192

Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or IntelR Server Platform Services before version SPSE504.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access...

CVE-2018-1009

An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory, aka "Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012,...

Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system. An...

CVE-2017-0507

An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing th...

Privilege escalation

An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing th...

CVE-2017-0528

An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Android operating system’s kernel performance management subsystem is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2017-0403

An elevation of privilege vulnerability in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

CVE-2016-6728

An elevation of privilege vulnerability in the kernel ION subsystem in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise,...

Advantech WebAccess datacore Service datacore.exe sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x7920 IOCTL in the Kernel subsystem. A stack-based buffer...

Advantech WebAccess datacore Service datacore.exe AlarmMessage strcpy Heap-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x5228 IOCTL in the Kernel subsystem. A heap-based buffer...

Advantech WebAccess datacore Service datacore.exe Username strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x523B IOCTL in the Kernel subsystem. A stack-based buffer...

Advantech WebAccess datacore Service datacore.exe Username strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x523A IOCTL in the Kernel subsystem. A stack-based buffer...

Advantech WebAccess datacore Service datacore.exe Username strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x523C IOCTL in the Kernel subsystem. A stack-based buffer...

Advantech WebAccess datacore Service datacore.exe strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x521D IOCTL in the Kernel subsystem. A stack-based buffer...

Advantech WebAccess datacore Service datacore.exe Username strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x5218 IOCTL in the Kernel subsystem. A stack-based buffer...

Advantech WebAccess datacore Service datacore.exe AlarmMessage strcpy Heap-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x5228 IOCTL in the Kernel subsystem. A heap-based buffer...

Advantech WebAccess datacore Service datacore.exe Username strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x5226 IOCTL in the Kernel subsystem. A stack-based buffer...

Advantech WebAccess datacore Service datacore.exe strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x521D IOCTL in the Kernel subsystem. A stack-based buffer...