CVE-2015-3625

The CVE-2015-3625 entry concerns the NVIDIA GPU driver for FreeBSD where local users with certain permissions can read or write arbitrary kernel memory via unspecified vectors that trigger an untrusted pointer dereference. Affected releases include multiple NVIDIA driver branches: R352 before 352...

Microsoft Windows Server Information Disclosure Vulnerability

Microsoft Windows Server is a series of servers based on the windows operating system launched by the United States Microsoft Microsoft. Microsoft Windows Server 2003 SP2 R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold...

Microsoft Windows Information Disclosure Vulnerability (CNVD-2015-04630)

Microsoft Windows is a series of operating systems designed for personal computer and server users from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold R2,Windows RT Gold 8.1, which allows local users to...

CVE-2015-2367

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from...

APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005 OS X Yosemite v10.10.4 and Security Update 2015-005 are now available and address the following: Admin Framework Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to...

Apple MAC OS X NTFS Memory Layout Disclosure Vulnerability

Apple Mac OS X is a commercial operating system. A security vulnerability exists in Apple Mac OS X NTFS that allows local attackers to exploit the vulnerability to run malicious applications to obtain kernel memory layout...

SOL16881 - OZWPAN driver vulnerabilities CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4004

CVE-2015-4001 Integer signedness error in the ozhcdgetdesccnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted packet. CVE-2015-4002...

RHEL 7 : kernel (RHSA-2015:1137)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

kernel: isofs: unchecked printing of ER records

An information leak flaw was found in the way the Linux kernel's ISO9660 file system implementation accessed data on an ISO9660 image with RockRidge Extension Reference ER records. An attacker with physical access to the system could use this flaw to disclose up to 255 bytes of kernel memory...

Microsoft Windows Memory Misreference Vulnerability

Microsoft Windows is a popular operating system. A memory misreference vulnerability exists in the Microsoft Windows kernel processing object, which allows local attackers to exploit the vulnerability to execute arbitrary code with elevated privileges...

Microsoft Windows Kernel Use After Free CVE-2015-1724 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and corrupt kernel memory. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for...

Microsoft Windows Station CVE-2015-1723 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and corrupt kernel memory. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for...

CVE-2015-4004

The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or cause a denial of service out-of-bounds read and system crash via a crafted packet...

APPLE-SA-2015-05-19-1 Watch OS 1.0.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-05-19-1 Watch OS 1.0.1 Watch OS 1.0.1 is now available and addresses the following: Certificate Trust Policy Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Update to the certificate trust policy Descriptio...

Microsoft Windows Kernel Mode Driver Information Disclosure Vulnerability (CNVD-2015-03070)

Microsoft Windows is a popular operating system. An unspecified security vulnerability in Microsoft Windows Win32k.sys allows local attackers to exploit the vulnerability to build special applications that run on the system to obtain kernel memory information...

Microsoft Windows Kernel Mode Driver Information Disclosure Vulnerability (CNVD-2015-03069)

Microsoft Windows is a popular operating system. An unspecified security vulnerability in Microsoft Windows Win32k.sys allows local attackers to exploit the vulnerability to build special applications that run on the system to obtain kernel memory information...

Microsoft Windows Kernel Mode Driver Information Disclosure Vulnerability (CNVD-2015-03066)

Microsoft Windows is a popular operating system. An unspecified security vulnerability in Microsoft Windows Win32k.sys allows local attackers to exploit the vulnerability to build special applications that run on the system to obtain kernel memory information...

Microsoft Windows Kernel Mode Driver Information Disclosure Vulnerability (CNVD-2015-03062)

Microsoft Windows is a popular operating system. An unspecified security vulnerability in Microsoft Windows Win32k.sys allows local attackers to exploit the vulnerability to build special applications that run on the system to obtain kernel memory information...

Microsoft Windows Kernel Mode Driver Information Disclosure Vulnerability (CNVD-2015-03065)

Microsoft Windows is a popular operating system. An unspecified security vulnerability in Microsoft Windows Win32k.sys allows local attackers to exploit the vulnerability to build special applications that run on the system to obtain kernel memory information...

CVE-2015-1676

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function...