CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6589 matches found

Kitploit•added 2014/02/04 7:7 p.m.•111 views

Exploit Linux 3.4+ Arbitrary write with CONFIG_X86_X32

CVE: 2014-0038 Author: saelo Published: 2014-02-02 / Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pass a pointer to a...

6.9CVSS6.3AI score0.51521EPSS

Exploits16

Cvelist•added 2014/02/04 7:0 p.m.•17 views

CVE-2012-0875

SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service kernel panic and crash via vectors related to crafted DWARF data, which triggers a read of an invalid pointer...

5.7AI score0.00064EPSS

Exploits0References6

Debian CVE•added 2014/02/04 7:0 p.m.•22 views

CVE-2012-0875

5.4CVSS6.1AI score0.00064EPSS

Exploits0

CVE•added 2014/02/04 7:0 p.m.•67 views

CVE-2012-0875

Affected software: SystemTap (examples cited: 1.7, 1.6.7; other versions likely affected). Vulnerability cause: When unprivileged mode is enabled, crafted DWARF data can trigger an invalid pointer read, enabling local users to read kernel memory or cause a kernel panic/DoS. Impact: Local informat...

5.4CVSS5.8AI score0.00064EPSS

Exploits0References6Affected Software1

exploitpack•added 2014/02/02 12:0 a.m.•51 views

Linux Kernel 3.4 3.13.2 (Ubuntu 13.10) - CONFIG_X86_X32 Arbitrary Write (2)

Linux Kernel 3.4 3.13.2 Ubuntu 13.10 - CONFIGX86X32 Arbitrary Write 2 / Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pa...

6.9CVSS0.5AI score0.51521EPSS

Exploits16

0day.today•added 2014/02/02 12:0 a.m.•72 views

Linux kernel 3.4+ Arbitrary write with CONFIG_X86_X32

Exploit for linux platform in category local exploits / Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pass a pointer to ...

6.9CVSS0.2AI score0.51521EPSS

Exploits16

OSV•added 2014/01/18 10:55 p.m.•4 views

CVE-2014-1444

The fstgetiface function in drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging the CAPNETADMIN capability for an SIOCWANDEV ioctl call...

6.5AI score

Exploits0References9

OSV•added 2014/01/18 10:55 p.m.•1 views

DEBIAN-CVE-2014-1444

1.7CVSS7.3AI score0.00071EPSS

Exploits1References1

NVD•added 2014/01/18 10:55 p.m.•17 views

CVE-2014-1444

1.7CVSS6.5AI score0.00071EPSS

Exploits1References9

OSV•added 2014/01/18 10:55 p.m.•1 views

DEBIAN-CVE-2014-1445

The wanxlioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call...

2.1CVSS7.3AI score0.00035EPSS

Exploits1References1

UbuntuCve•added 2014/01/18 12:0 a.m.•16 views

CVE-2014-1444

1.7CVSS6.8AI score0.00071EPSS

Exploits1References11

OSV•added 2014/01/18 12:0 a.m.•0 views

UBUNTU-CVE-2014-1445

2.1CVSS6.7AI score0.00035EPSS

Exploits1References12

OSV•added 2014/01/08 12:0 a.m.•0 views

UBUNTU-CVE-2013-7281

The dgramrecvmsg function in net/ieee802154/dgram.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a 1 recvfrom, 2...

4.9CVSS6.6AI score0.00029EPSS

Exploits0References18

NVD•added 2014/01/06 4:55 p.m.•21 views

CVE-2013-7271

The x25recvmsg function in net/x25/afx25.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a 1 recvfrom, 2 recvmmsg, or 3 recvm...

4.9CVSS6.8AI score0.00046EPSS

Exploits0References20

OSV•added 2014/01/06 4:55 p.m.•1 views

DEBIAN-CVE-2013-7270

The packetrecvmsg function in net/packet/afpacket.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a 1 recvfrom, 2 recvmmsg, or...

4.9CVSS5.5AI score0.00046EPSS

Exploits0References1

NVD•added 2014/01/06 4:55 p.m.•14 views

CVE-2013-7270

4.9CVSS6.8AI score0.00046EPSS

Exploits0References20

OSV•added 2014/01/06 4:55 p.m.•1 views

DEBIAN-CVE-2013-7267

The atalkrecvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a 1 recvfrom, 2 recvmmsg, or 3...

4.9CVSS5.5AI score0.00035EPSS

Exploits0References1

OSV•added 2014/01/06 4:55 p.m.•0 views

DEBIAN-CVE-2013-7268

The ipxrecvmsg function in net/ipx/afipx.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a 1 recvfrom, 2 recvmmsg, or 3 recvm...

4.9CVSS7.4AI score0.00035EPSS

Exploits0References1

NVD•added 2014/01/06 4:55 p.m.•19 views

CVE-2013-7267

4.9CVSS6.8AI score0.00035EPSS

Exploits0References18

OSV•added 2014/01/06 4:55 p.m.•1 views

DEBIAN-CVE-2013-7271

4.9CVSS7.4AI score0.00046EPSS

Exploits0References1

Rows per page