The vulnerability of the Linux operating system, which allows a perpetrator to trigger a service failure or cause other effects.

The vulnerability in the driver drivers/media/usb/dvb-usb-v2/dvbusbcore.c of the Linux operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor, operating locally, to improperly interact with the...

Intel Management Engine Insecure Read / Write Operations RCE (INTEL-SA-00075) (remote check)

The Intel Management Engine on the remote host has Active Management Technology AMT enabled, and according to its self-reported version in the banner, it is running Intel manageability firmware version 6.x prior to 6.2.61.3535, 7.x prior to 7.1.91.3272, 8.x prior to 8.1.71.3608, 9.0.x or 9.1.x...

CVE-2017-8418

CVE-2017-8418 : RuboCop 0.48.1 and earlier fails to use /tmp safely, allowing local users to tamper with other users’ cache files. Affects RuboCop versions up to and including 0.48.1; impact is local, privilege-impacting to the cache. The provided documents describe the vulnerability but do not i...

CVE-2014-9680

CVE-2014-9680 : sudo before 1.8.12 fails to sanitize the TZ environment variable, allowing a local attacker to bypass restrictions and potentially cause a denial of service or read/open unauthorized files via a sudo session. Connected advisories/docs corroborate local-execution impact and recomme...

CVE-2017-0563

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing...

Privilege escalation

An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing th...

The vulnerability of the Linux operating system, which allows a hacker to trigger a service failure

The vulnerability of the keyringsearchaux function in the Linux operating system’s security/keys/keyring.c file is related to pointer dereferencing errors. Exploiting this vulnerability could allow an attacker, operating locally, to trigger a service failure dereferencing the null pointer through...

NixOS Local Elevation of Privilege Vulnerability

NixOS is a distribution of the Linux system. A security vulnerability exists in version 17.03 of NixOS prior to 17.03.887. A local attacker can exploit the vulnerability to gain privileges by executing the docker command...

The vulnerability of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of Windows operating system’s kernel mode drivers is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to enhance their privileges through a specially created application...

The vulnerability of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of Windows operating system’s kernel mode drivers is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to enhance their privileges through a specially created application...

CVE-2017-6459

The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes...

Disk Sorter Enterprise 9.5.12 - Local Buffer Overflow

Disk Sorter Enterprise 9.5.12 - Local Buffer Overflow + Title: Disk Sorter Server v9.5.12 - Local Stack-based buffer overflow + Credits / Discovery: Nassim Asrir + Author Email: [email protected] || https://www.linkedin.com/in/nassim-asrir-b73a57122/ + Author Company: Henceforth + CVE: N/A Vendo...

EMC Replication Manager < 5.3 - Command Execution (Metasploit)

EMC Replication Manager 5.3 - Command Execution Metasploit. CVE-2011-0647. Local exploit for Windows platform...

kernel: Use after free in SCSI generic device interface (CVE-2016-9576 regression)

It was found that the fix for CVE-2016-9576 was incomplete: the Linux kernel's sg implementation did not properly restrict write operations in situations where the KERNELDS option is set. A local attacker to read or write to arbitrary kernel memory locations or cause a denial of service...

Netpbm Null Pointer Reference Local Denial of Service Vulnerability

netpbm is a tool for graphics conversion. Netpbm suffers from a local denial of service vulnerability. An attacker can exploit this vulnerability to cause a denial of service...

CVE-2017-0337

CVE-2017-0337 describes a local privilege-escalation in the NVIDIA GPU driver affecting Android on Kernel-3.18. The vulnerability could let a local malicious process execute code in kernel context, potentially enabling a permanent device compromise that might require a OS reflashing to repair. Th...

CVE-2017-0509

CVE-2017-0509 is an elevation-of-privilege in the Broadcom Wi‑Fi driver that could let a local malicious app execute arbitrary code in the kernel. Affected product: Android. Root cause: Broadcom Wi‑Fi driver vulnerability enabling local code execution with no privileges required and user interact...

CVE-2016-10151

CVE-2016-10151 is tied to the Hesiod 3.2.1 package. The vulnerability arises in the hesiod_init function in lib/hesiod.c, which compares the effective user ID (EUID) with the real UID to decide whether to load configurations from environment variables. This logic can enable local users to elevate...

CVE-2017-0507

An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing th...

Linux Kernel 'drivers/infiniband/sw/rxe/rxe_mr.c' Local Integer Overflow Vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. Linux Kernel suffers from a local integer overflow vulnerability. A local attacker can exploit this vulnerability to execute arbitrary code in the context of an affected...