6589 matches found
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-0057 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and gain access to kernel memory. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 f...
CVE-2014-8612
Multiple array index errors in the Stream Control Transmission Protocol SCTP module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to 1 gain privileges via the stream id to the setsockopt function, when setting the SCTIPSSVALUE option, or 2 read...
CVE-2014-8612
Multiple array index errors in the Stream Control Transmission Protocol SCTP module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to 1 gain privileges via the stream id to the setsockopt function, when setting the SCTIPSSVALUE option, or 2 read...
CVE-2014-0998
Integer signedness error in the vt console driver formerly Newcons in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service crash and possibly gain privileges via a negative value in a VTWAITACTIVE ioctl call, which triggers an array index error and out-of-boun...
Information disclosure
Multiple array index errors in the Stream Control Transmission Protocol SCTP module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to 1 gain privileges via the stream id to the setsockopt function, when setting the SCTIPSSVALUE option, or 2 read...
Integer overflow
Integer signedness error in the vt console driver formerly Newcons in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service crash and possibly gain privileges via a negative value in a VTWAITACTIVE ioctl call, which triggers an array index error and out-of-boun...
CVE-2014-0998
Removed by vendor...
CVE-2014-0998
The CVE-2014-0998 entry concerns FreeBSD where the vt console driver (vt, formerly Newcons) contains a sign-conversion/array-bounds bug in VT_WAITACTIVE that a local unprivileged user can exploit to crash the kernel or gain privileges. The vulnerability stems from reading an input value as unsign...
CVE-2014-0998
Integer signedness error in the vt console driver formerly Newcons in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service crash and possibly gain privileges via a negative value in a VTWAITACTIVE ioctl call, which triggers an array index error and out-of-boun...
CVE-2014-8612
Removed by vendor...
CVE-2014-8612
Multiple array index errors in the Stream Control Transmission Protocol SCTP module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to 1 gain privileges via the stream id to the setsockopt function, when setting the SCTIPSSVALUE option, or 2 read...
FreeBSD Security Advisory FreeBSD-SA-15:02.kmem
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:02.kmem Security Advisory The FreeBSD Project Topic: SCTP SCTPSSVALUE kernel memory corruption and disclosure Category: core Module: sctp Announced: 2015-01-...
CVE-2014-8823
The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller in IOUSBFamily in Apple OS X before 10.10.2 allows local users to read data from arbitrary kernel-memory locations by leveraging root access and providing a crafted first argument...
Design/Logic Flaw
IOHIDFamily in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a kernel context or cause a denial of service write to kernel memory via a crafted app that calls an unspecified user-client method...
Memory corruption
The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller in IOUSBFamily in Apple OS X before 10.10.2 allows local users to read data from arbitrary kernel-memory locations by leveraging root access and providing a crafted first argument...
Code injection
The Bluetooth driver in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service arbitrary-size bzero of kernel memory via a crafted app...
CVE-2014-8836
The Bluetooth driver in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service arbitrary-size bzero of kernel memory via a crafted app...
CVE-2014-8823
The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller in IOUSBFamily in Apple OS X before 10.10.2 allows local users to read data from arbitrary kernel-memory locations by leveraging root access and providing a crafted first argument...
CVE-2014-8822
IOHIDFamily in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a kernel context or cause a denial of service write to kernel memory via a crafted app that calls an unspecified user-client method...
CVE-2014-8822
CVE-2014-8822 affects Apple OS X IOHIDFamily prior to 10.10.2. A crafted app calling an unspecified IOHID user-client method can cause a kernel-context code execution or a denial of service (kernel memory write). Root cause involves a bounds/validation issue in the IOHIDFamily user-client handlin...