6589 matches found
APPLE-SA-2015-04-08-4 Apple TV 7.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-04-08-4 Apple TV 7.2 Apple TV 7.2 is now available and addresses the following: Apple TV Available for: Apple TV 3rd generation and later Impact: A malicious application may be able to execute arbitrary code with system privileges...
Apple iOS IOAcceleratorFamily Kernel Memory Leak Vulnerability
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. Apple iOS IOAcceleratorFamily has a sensitive kernel memory leak that allows local attackers to exploit the vulnerability to obtain sensitive information...
Apple iOS Memory Out-of-Bounds Access Vulnerability
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A memory out-of-bounds access vulnerability exists in the Apple iOS kernel, allowing malicious applications to read kernel memory or crash the system...
Debian DLA-103-1 : linux-2.6 security update
This security upload has been prepared in cooperation of the Debian Kernel, Security and LTS Teams and features the upstream stable release 2.6.32.64 see https://lkml.org/lkml/2014/11/23/181 for more information for that. It fixes the CVEs described below. Note: if you are using the openvz flavor...
Microsoft windows kernel mode driver null pointer reference vulnerability
Microsoft Windows is a popular operating system. A null pointer reference vulnerability exists in the Microsoft Windows kernel mode driver that can disclose the contents of kernel memory. The vulnerability allows attackers to obtain sensitive information and bypass ASLR protection...
Null pointer dereference
The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to cause a denial of service NULL pointer dereference and blue...
Design/Logic Flaw
The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize function buffers, which allows local users to obtain...
Information disclosure
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensitive information from kernel memory, and possib...
Information disclosure
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensitive information from kernel memory, and possib...
CVE-2015-0077
The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize function buffers, which allows local users to obtain...
CVE-2015-0087
CVE-2015-0087 is a memory-disclosure vulnerability in the Adobe Font Driver stack (notably ATMFD.DLL) and related font engines. Exploitation would leak uninitialized memory from the host process or kernel, potentially aiding KASLR bypass and information disclosure. Google Project Zero detailed a ...
CVE-2015-0087
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensitive information from kernel memory, and possib...
Microsoft Windows Kernel Mode Driver CVE-2015-0077 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information such as kernel memory contents. This may aid in launching further attacks. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1...
Ubuntu 10.04 LTS : linux vulnerabilities (USN-2511-1)
A race condition was discovered in the Linux kernel's key ring. A local user could cause a denial of service memory corruption or panic or possibly have unspecified impact via the keyctl commands. CVE-2014-9529 A memory leak was discovered in the ISO 9660 CDROM file system when parsing rock ridge...
CVE-2015-2041
net/llc/sysctlnetllc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...
CVE-2015-2042
net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...
UBUNTU-CVE-2015-2042
net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry...
Updated kernel-rt packages fix security vulnerabilities
This kernel-rt update provides as upgrade to upstream 3.14 longterm branch, currently based on 3.14.32 and fixes the following security issues: The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types,...
[SECURITY] [DLA 155-1] linux-2.6 security update
Package : linux-2.6 Version : 2.6.32-48squeeze11 CVE ID : CVE-2013-6885 CVE-2014-7822 CVE-2014-8133 CVE-2014-8134 CVE-2014-8160 CVE-2014-9420 CVE-2014-9584 CVE-2014-9585 CVE-2015-1421 CVE-2015-1593 This update fixes the CVEs described below. A further issue, CVE-2014-9419, was considered, but...
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-0058 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and gain access to kernel memory. Technologies Affected Microsoft Windows 8 for 32-bit Systems Microsoft Windows 8 for...