Microsoft Windows Kernel-Mode Driver Privilege Elevation Vulnerability (3045171)

This host is missing an important security update according to Microsoft Bulletin MS15-051. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Windows Kernel Mode Driver CVE-2015-1679 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information such as kernel memory contents. This may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP...

Microsoft Windows Kernel Mode Driver CVE-2015-1676 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information such as kernel memory contents. This may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP...

CVE-2015-2042

net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...

DEBIAN-CVE-2015-2041

net/llc/sysctlnetllc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...

CVE-2015-2041

net/llc/sysctlnetllc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...

Code injection

net/llc/sysctlnetllc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...

Code injection

net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...

CVE-2015-2042

net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...

Active DoS Exploits for MS15-034 Under Way

UPDATE – Microsoft’s characterization of MS15-034 as a remote code execution vulnerability certainly has a lot of Windows server admins on edge waiting for the other shoe to drop. In the three days since the bulletin was released warning of a critical vulnerability in the HTTP protocol stack,...

CVE-2015-1097

IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app...

CVE-2015-1094

IOAcceleratorFamily in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app...

Design/Logic Flaw

IOAcceleratorFamily in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app...

Design/Logic Flaw

IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app...

CVE-2015-1096

IOHIDFamily in Apple iOS before 8.3, OS X before 10.10.3, and Apple TV before 7.2 contains a memory‑disclosure issue that allows a crafted app to obtain kernel memory information. The vulnerability is attributed to IOHIDFamily and is described as a memory corruption/memory disclosure risk; Apple’...

CVE-2015-1097

IOMobileFramebuffer in Apple iOS before 8.3 and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app...

CVE-2015-1094

The connected WatchOS advisory (APPLE-SA-2015-05-19-1) confirms CVE-2015-1094 affects IOAcceleratorFamily and could allow a malicious app to disclose kernel memory. Description: the issue caused kernel memory disclosure and was mitigated by removing unneeded code in IOAcceleratorFamily; the fix i...

CVE-2015-1097

CVE-2015-1097 affects IOMobileFramebuffer in Apple iOS (before 8.3) and Apple TV (before 7.2). The issue allows a crafted app to disclose sensitive information from kernel memory due to a memory-disclosure vulnerability in MobileFrameBuffer, as described in the CVE entry. The Apple iOS 8.3 and Ap...

CVE-2015-1096

IOHIDFamily in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 allows attackers to obtain sensitive information about kernel memory via a crafted app...

Apple TV < 7.2 Multiple Vulnerabilities

According to its banner, the remote Apple TV device is a version prior to 7.2. It is, therefore, affected by the following vulnerabilities : - Multiple memory corruption vulnerabilities exist in WebKit due to improperly validated user-supplied input. A remote attacker, using a specially crafted...