4288 matches found
MariaDB 10.3.0 < 10.3.26 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.3.26. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.3.26 advisory. - With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged us...
MariaDB 10.1.0 < 10.1.48 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.1.48. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.1.48 advisory. - With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged us...
CVE-2019-8829
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6.1, tvOS 13.2, iOS 13.2 and iPadOS 13.2. An application may be able to execute arbitrary code with kernel privileg...
CVE-2019-8740
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges...
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 5.6.49 and prior 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
...
Trend Micro Antivirus for Mac Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Antivirus for Mac. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
Unspecified Vulnerability in Oracle MySQL Server (CNVD-2020-58241)
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in the Server: Locking component of Oracle MySQL Server 5.6.49, 5.7.31, 8.0.21 and earlier versions. An attacker can...
DEBIAN-CVE-2020-14812
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Locking. Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
UBUNTU-CVE-2020-14812
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Locking. Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
CVE-2020-14812
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Locking. Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
CVE-2020-14812
CVE-2020-14812 affects Oracle MySQL Server (component: Server: Locking) with affected versions 5.6.49 and prior, 5.7.31 and prior, and 8.0.21 and prior. Exploitation can lead to a hang or frequent crashes (DoS) with network access. Remediation status varies by distribution; Debian LTS notes a fix...
Apple macOS process_token_SetFence Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...
Apple macOS process_token_SetFence Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...
CVE-2020-0423
In binderreleasework of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
DEBIAN-CVE-2020-0423
In binderreleasework of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2020-0423
In binderreleasework of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
Input validation
In binderreleasework of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
UBUNTU-CVE-2020-0423
In binderreleasework of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2020-0423
CVE-2020-0423 is a use-after-free in the Android/Linux binder driver (binder_release_work in binder.c) caused by improper locking. It enables local privilege escalation with no extra user interaction required. The description appears consistently across multiple connected sources (e.g., Astra Lin...
CVE-2020-0423
In binderreleasework of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...