104 matches found
EUVD-2016-9914
Malware in sbrugna...
Design/Logic Flaw
NVIDIA Tegra contains a vulnerability in BootRom where a user with kernel level privileges can write an arbitrary value to an arbitrary physical address...
CVE-2018-6240
CVE-2018-6240 affects NVIDIA Tegra BootRom. A local attacker with kernel privileges can write an arbitrary value to an arbitrary physical address, enabling escalation of privileges. Connected NVIDIA advisories confirm this vulnerability and map fixes to specific Jetson/Linux-for-Tegra releases: T...
CVE-2018-6240
NVIDIA Tegra contains a vulnerability in BootRom where a user with kernel level privileges can write an arbitrary value to an arbitrary physical address...
Security Bulletin: Vulnerability in Linux Kernel affects PowerKVM (CVE-2016-0728)
Summary A Linux Kernel privilege escalation vulnerability affects PowerKVM. Vulnerability Details CVEID: CVE-2016-0728 DESCRIPTION: Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by a use-after-free in the joinsessionkeyring function in...
CVE-2016-9093
A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file to disk and then be able t...
CVE-2016-9093
CVE-2016-9093 details (Symantec SEP): Affects the SymEvent Driver shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier. The issue arises from improper sanitization of logged-in user input, allowing a non-admin user who can save and run a crafted executable to access the driver inter...
Panda Kernel Memory Access Driver Code Execution Vulnerability
Panda Security products is prone to a code execution vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mac OS X Multiple Vulnerabilities (Security Updates 2016-003 / 2016-007)
The remote host is running a version of Mac OS X 10.10.5 or 10.11.6 that is missing a security update. It is therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exists in the sslparseclienthellotlsext function within file ssl/t1lib.c when handling oversize OCSP...
AVG Internet Security 2013.x < 2013.3495 / 2015.x < 2015.5557 Local Privilege Escalation
The remote Windows host has a version of AVG Internet Security installed that is 2013.x prior to 2013.3495 or 2015.x prior to 2015.5557. It is, therefore, affected by a local privilege escalation vulnerability due to a flaw in the TDI driver avgtdix.sys that occurs when handling 0x830020f8 IOCTL...
Microsoft Windows GDI+ CVE-2015-1671 TrueType Font Handling Remote Code Execution Vulnerability
Description Microsoft Windows GDI+ is prone to a remote code-execution vulnerability. Successful exploits can allow attackers to execute arbitrary code with kernel-level privileges. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected Avaya CallPilot 4.0 Avay...
BullGuard Internet Security 'BdAgent.sys' Driver Privilege Escalation Vulnerability
BullGuard Internet Security is prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Microsoft Virtual Machine Manager Local Privilege Escalation Vulnerability
Virtual Machine Manager is a virtual manager from Microsoft. A local privilege escalation vulnerability exists in Microsoft Virtual Machine Manager, which can be exploited by a local attacker to execute arbitrary code with kernel-level privileges...
Microsoft Virtual Machine Manager CVE-2015-0012 Local Privilege Escalation Vulnerability
Description Microsoft Virtual Machine Manager is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Technologies Affected Microsoft System Center Virtual Machine Manager 2012 R2 UR4 VMM Server update...
Microsoft Windows 'Win32k.sys' CVE-2015-0059 Remote Code Execution Vulnerability
Description Microsoft Windows kernel is prone to a remote code-execution vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into opening a specially malformed TrueType font. Successful exploits can allow attackers to execute arbitrary code with kernel-level...
K7 Anti-Virus Plus Privilege Escalation Vulnerability (Feb 2015) - Windows
K7 Anti-Virus Plus is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
K7 Total Security Privilege Escalation Vulnerability (Feb 2015) - Windows
K7 Total Security is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
K7 Ultimate Security Privilege Escalation Vulnerabilities (Feb 2015) - Windows
K7 Ultimate Security is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Microsoft Windows 'Win32k.sys' TrueType Font Handling Remote Code Execution Vulnerability
Description Microsoft Windows kernel is prone to a remote code-execution vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into opening a specially malformed TrueType font. Successful exploits can allow attackers to execute arbitrary code with kernel-level...
Panda Internet Security Heap Based Buffer Overflow (Sep 2014)
Panda Internet Security is prone to heap based buffer overflow vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...