236 matches found
CVE-2017-1000251
The native Bluetooth stack in the Linux kernel (BlueZ), starting at Linux kernel version 2.6.32 and up to and including 4.13.1, is vulnerable to a stack overflow in the processing of L2CAP configuration responses, resulting in remote code execution in kernel space...
UBUNTU-CVE-2017-1000251
The native Bluetooth stack in the Linux kernel (BlueZ), starting at Linux kernel version 2.6.32 and up to and including 4.13.1, is vulnerable to a stack overflow in the processing of L2CAP configuration responses, resulting in remote code execution in kernel space...
CVE-2016-5349
The high level operating systems (HLOS) was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment (QSEE) only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications...
Privilege escalation
The high level operating systems (HLOS) was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment (QSEE) only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications...
UBUNTU-CVE-2016-5349
The high level operating systems (HLOS) was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment (QSEE) only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications...
iPhone automatically shuts down when playing a video: cause analysis of the "wonderful" vulnerability - vulnerability warning - the black bar safety net
Description: on the morning of the 23rd, major online media reported that iOS has a newly exposed vulnerability in which playing a particular video leads to an automatic shutdown (with a demo video). The main content is: Apple iOS devices have a newly disclosed vulnerability in which playing a particular MP4...
[SECURITY] Fedora 25 Update: mingw-nettle-3.3-1.fc25
Nettle is a cryptographic library that is designed to fit easily in more or less any context: in crypto toolkits for object-oriented languages (C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel space...
Joyent SmartOS dtrace Information Disclosure Vulnerability
This vulnerability allows attackers to disclose sensitive information on vulnerable installations of Joyent SmartOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the dtrace...
Joyent SmartOS dtrace Information Disclosure Vulnerability
This vulnerability allows attackers to disclose sensitive information on vulnerable installations of Joyent SmartOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the dtrace...
Joyent SmartOS dtrace Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose information on vulnerable installations of Joyent SmartOS. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists within the dtrace implementation in SmartOS. A functi...
CVE-2014-9878
drivers/mmc/card/mmcblocktest.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not reject kernel-space buffer addresses, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769208 and Qualcomm internal bug CR547479...
Apple Mac OSX Kernel - GeForce GPU Driver Stack Buffer Overflow
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=724 nvAPIClient::Escape is the sole external method of nvAcclerator userclient type 0x2a0. It implements its own method and parameter demuxing using the struct-in struct-out buffers. The second dword in the struct in buffer is...
Joyent SmartOS dtrace Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose information on vulnerable installations of Joyent SmartOS. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists within the dtrace implementation in SmartOS. A functi...
Microsoft Windows Kernel - ATMFD.dll OTF Font Processing Pool-Based Buffer Overflow (MS16-026)
Microsoft Windows Kernel - ATMFD.dll OTF Font Processing Pool-Based Buffer Overflow (MS16-026). Source: https://code.google.com/p/google-security-research/issues/detail?id=683 We have encountered a Windows kernel crash in the ATMFD.DLL OpenType driver while processing a corrupted OTF font file: ---...
[SECURITY] Fedora 22 Update: nettle-2.7.1-6.fc22
Nettle is a cryptographic library that is designed to fit easily in more or less any context: in crypto toolkits for object-oriented languages (C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel space...
Joyent SmartOS dtrace Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose information on vulnerable installations of Joyent SmartOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the dtrace...
[SECURITY] Fedora 23 Update: nettle-3.2-1.fc23
Nettle is a cryptographic library that is designed to fit easily in more or less any context: in crypto toolkits for object-oriented languages (C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel space...
Intel Network Adapter Diagnostic Driver Remote Code Execution Vulnerability
Intel Network Adapter Diagnostic Driver is a set of network adapter diagnostic tools from Intel USA. A remote code execution vulnerability exists in Intel Network Adapter Diagnostic Driver. An attacker could use this vulnerability to execute arbitrary code in the context of the kernel space, whic...
Windows win32k.sys TTF Font Processing win32k!fsc_RemoveDups Out-of-Bounds Pool Memory Access
Source: https://code.google.com/p/google-security-research/issues/detail?id=401&can=1 We have encountered a Windows kernel crash in the win32k!fsc_RemoveDups function while processing corrupted TTF font files, such as: --- PAGE_FAULT_IN_NONPAGED_AREA (50) Invalid system memory was referenced. This canno...
Intel Network Adapter Diagnostic Driver - IOCTL Handling Vulnerability
Exploit for windows platform in category dos / poc / Intel Network Adapter Diagnostic Driver IOCTL Handling Vulnerability Vendor: Intel Product webpage: http://www.intel.com Affected products: Network Adapter Driver for Windows XP Network Adapter Driver for Windows 7 Network Adapter Driver for...