4382 matches found
Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution Exploit
Exploit for linux platform in category local exploits Both of these issues were reported to the Apport maintainers and a fix was released on 2016-12-14. The CrashDB code injection issue can be tracked with CVE-2016-9949 and the path traversal bug with CVE-2016-9950. An additional problem where...
CVE-2016-6848
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...
CVE-2016-6848
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...
Design/Logic Flaw
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...
CVE-2016-6706
An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to...
UBUNTU-CVE-2016-6706
An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to...
Symantec VIP Access Desktop Local Code Execution Vulnerability
Symantec VIP Access Desktop is a set of online account security protection software from Symantec Symantec. A local code execution vulnerability exists in Symantec VIP Access Desktop versions prior to 2.2.3, which arises from the program failing to filter user-submitted input. A local attacker...
CVE-2016-6737
An elevation of privilege vulnerability in the kernel ION subsystem in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise,...
CVE-2016-6736
An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which...
CVE-2016-6707
An elevation of privilege vulnerability in System Server in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local...
CVE-2016-6700
An elevation of privilege vulnerability in libzipfile in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Critical due to the possibility of ...
UBUNTU-CVE-2016-6737
An elevation of privilege vulnerability in the kernel ION subsystem in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise,...
UBUNTU-CVE-2016-6700
An elevation of privilege vulnerability in libzipfile in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Critical due to the possibility of ...
UBUNTU-CVE-2016-6705
An elevation of privilege vulnerability in Mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High...
UBUNTU-CVE-2016-6735
An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which...
HP Network Node Manager i Local Code Execution Vulnerability
HP NNMI is a solution for network services. A local code execution vulnerability exists in HP Network Node Manager i. Exploitation of the vulnerability by a local attacker could affect the execution of arbitrary code in the context of the application, failure of which could result in a denial of...
Apple iOS/macOS Local Code Execution Vulnerability
Apple iOS/macOS is a set of operating systems developed for mobile devices. A local code execution vulnerability exists in Apple iOS/macOS, which can be exploited by an attacker to execute arbitrary code with root privileges...
Oracle VM VirtualBox Component Local Arbitrary Code Execution Vulnerability (CNVD-2016-09791)
Oracle Virtualization VirtualBox Oracle Oracle a virtualization product suite. Oracle VM VirtualBox is one of the virtual machine components. A local arbitrary code execution vulnerability exists in the Core subcomponent of the Oracle VM VirtualBox component of Oracle Virtualization, versions pri...
Oracle VM VirtualBox Component Local Arbitrary Code Execution Vulnerability
Oracle Virtualization VirtualBox Oracle Oracle a virtualization product suite. Oracle VM VirtualBox is one of the virtual machine components. A localized arbitrary code execution vulnerability exists in the Core subcomponent of the Oracle VM VirtualBox component of Oracle Virtualization, versions...
Microsoft Windows 'Capcom.sys' DLL Documents Local Code Execution Vulnerability
Microsoft Windows is a series of operating systems released by Microsoft Corporation in the United States. kernel is one of the kernels. A local code execution vulnerability exists in Microsoft Windows due to a failure to adequately filter user input. An attacker could exploit this vulnerability ...