
5121 matches found

0day.today
added 2017/02/01 12:00 a.m. | 25 views

Google Android - Unprotected MSRs in EL1 RKP Privilege Escalation Exploit

Exploit for Android platform in category dos / poc (source: https://bugs.chromium.org/p/project-zero/issues/detail?id=980). As part of Samsung KNOX, Samsung phones include a security hypervisor called RKP (Real-time Kernel Protection), running in EL2. This hypervisor is meant to ensure that the HLOS...

AI score: 7
Exploits: 0
Fedora
added 2017/01/29 10:18 p.m. | 13 views

[SECURITY] Fedora 24 Update: mapserver-6.2.4-1.fc24

Mapserver is an internet mapping program that converts GIS data to map images in real time. With appropriate interface pages, Mapserver can provide an interactive internet map based on custom GIS data...

AI score: 2.9
Exploits: 0
Fedora
added 2017/01/29 9:52 p.m. | 24 views

[SECURITY] Fedora 25 Update: mapserver-7.0.4-1.gitb4bc015.fc25

Mapserver is an internet mapping program that converts GIS data to map images in real time. With appropriate interface pages, Mapserver can provide an interactive internet map based on custom GIS data...

CVSS: 9.8 | AI score: 2.9 | EPSS: 0.04757
Exploits: 0
Microsoft KB
added 2017/01/07 12:00 a.m. | 5 views

Network drives aren't mapped correctly from DFS namespace in Windows Server 2012 R2-based RDS server

This article describes an issue that occurs on a Windows Server 2012 R2-based computer that has the Remote Desktop Services (RDS) role installed. You can fix this issue by using the update in this...

AI score: 6.7
Exploits: 0
OSV
added 2016/12/29 10:59 p.m. | 1 views

DEBIAN-CVE-2015-8817

QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privileged user inside guest could use this flaw to cra...

CVSS: 5.5 | AI score: 6.8 | EPSS: 0.00402
Exploits: 0 | References: 1
Fedora
added 2016/12/20 6:19 p.m. | 25 views

[SECURITY] Fedora 24 Update: mapserver-6.2.3-1.fc24

Mapserver is an internet mapping program that converts GIS data to map images in real time. With appropriate interface pages, Mapserver can provide an interactive internet map based on custom GIS data...

CVSS: 7.5 | AI score: 2.9 | EPSS: 0.01501
Exploits: 0
RedHat Linux
added 2016/12/15 10:11 p.m. | 4 views

mod_jk: Buffer overflow when concatenating virtual host name and URI

It was found that the length checks prior to writing to the target buffer for creating a virtual host mapping rule did not take account of the length of the virtual host name, creating the potential for a buffer overflow...

CVSS: 9.8 | AI score: 6.2 | EPSS: 0.18989
Exploits: 1 | References: 5
Debian CVE
added 2016/11/10 9:00 p.m. | 55 views

CVE-2016-5195

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."...

CVSS: 7.2 | AI score: 7.2 | EPSS: 0.83524
Exploits: 81
OSV
added 2016/11/08 8:59 p.m. | 5 views

CVE-2016-7383

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in a memory mapping API in the kernel mode layer (nvlddmkm.sys) handler, leading to denial of service or potential escalation of privileges...

CVSS: 7.8 | AI score: 5.8 | EPSS: 0.00405
Exploits: 0 | References: 3
NVD
added 2016/11/08 8:59 p.m. | 20 views

CVE-2016-7383

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in a memory mapping API in the kernel mode layer (nvlddmkm.sys) handler, leading to denial of service or potential escalation of privileges...

CVSS: 7.8 | AI score: 7.6 | EPSS: 0.00405
Exploits: 0 | References: 3
Prion
added 2016/11/08 8:59 p.m. | 23 views

Design/Logic Flaw

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in a memory mapping API in the kernel mode layer (nvlddmkm.sys) handler, leading to denial of service or potential escalation of privileges...

CVSS: 6.1 | AI score: 7.3 | EPSS: 0.00405
Exploits: 0 | References: 3 | Affected Software: 1
Tenable Nessus
added 2016/11/04 12:00 a.m. | 38 views

NVIDIA Linux GPU Display Driver 304.x < 304.132 / 340.x < 340.98 / 361.93.x < 361.93.03 / 367.x < 367.55 / 370.x < 370.28 Multiple Vulnerabilities

The version of the NVIDIA GPU display driver installed on the remote Linux host is 304.x prior to 304.132, 340.x prior to 340.98, 361.93.x prior to 361.93.03, 367.x prior to 367.55, or 370.x prior to 370.28. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in the kernel-mo...

CVSS: 7.8 | AI score: 7.5 | EPSS: 0.00423
Exploits: 0 | References: 3
android
added 2016/11/01 12:00 a.m. | 65 views

CVE-2016-5195

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."...

CVSS: 7.2 | AI score: 4.6 | EPSS: 0.83524
Exploits: 81 | References: 4
myhack58
added 2016/10/29 12:00 a.m. | 28 views

Linux kernel universal privilege escalation vulnerability alert - vulnerability alert - Heiba Security Network

The Linux kernel has a race condition in its handling of copy-on-write (Copy-on-Write) memory, which can result in the breakage of private read-only memory mappings. A low-privileged local user can exploit this vulnerability to obtain additional read-only memory-mapp...

AI score: 0.6
Exploits: 0
RedHat Linux
added 2016/10/26 6:43 p.m. | 7 views

kernel: mm: privilege escalation via MAP_PRIVATE COW breakage

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on...

CVSS: 7.2 | AI score: 6.6 | EPSS: 0.83524
Exploits: 81 | References: 6
OSV
added 2016/10/20 7:31 p.m. | 20 views

MGASA-2016-0347 Updated kernel packages fixes security vulnerabilities

This update is based on the upstream 4.4.26 kernel and fixes at least these security issues: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to ga...

CVSS: 7.8 | AI score: 7 | EPSS: 0.83524
Exploits: 86 | References: 6
OSV
added 2016/10/19 12:00 a.m. | 2 views

UBUNTU-CVE-2016-5195

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.83524
Exploits: 81 | References: 13
Tenable Nessus
added 2016/10/13 12:00 a.m. | 96 views

UPnP Internet Gateway Device (IGD) Port Mapping Listing

According to its UPnP data, the remote device is a NAT router that supports the Internet Gateway Device (IGD) Standardized Device Control Protocol. Nessus was able to list 'port mappings' that redirect ports from the device's external interface to the scanner address. An unauthenticated, remote...

AI score: 5.6
Exploits: 0 | References: 3
CNVD
added 2016/10/11 12:00 a.m. | 0 views

GraphicsMagick Heap Overflow Vulnerability

GraphicsMagick is the Swiss Army Knife of image processing. The short and compact code provides a robust and efficient collection of tools and libraries. GraphicsMagick WPG format reader fails to check if a color mapping table entry is greater than 256, leading to a potential heap overflow...

CVSS: 9.8 | AI score: 9.6 | EPSS: 0.03905
Exploits: 0 | References: 1
OSV
added 2016/10/10 10:59 a.m. | 2 views

DEBIAN-CVE-2015-8950

arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call...

CVSS: 5.5 | AI score: 7.4 | EPSS: 0.01457
Exploits: 0 | References: 1