Lucene search
K

5121 matches found

Prion
Prion
added 2016/10/10 10:59 a.m.19 views

Information disclosure

arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dmammap call...

4.3CVSS6AI score0.01457EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2016/10/10 10:59 a.m.3 views

UBUNTU-CVE-2015-8950

arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dmammap call...

5.5CVSS6.7AI score0.01457EPSS
Exploits0References6
Cvelist
Cvelist
added 2016/10/10 10:0 a.m.26 views

CVE-2015-8950

arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dmammap call...

5.1AI score0.01457EPSS
Exploits0References6
CVE
CVE
added 2016/10/10 10:0 a.m.65 views

CVE-2015-8950

CVE-2015-8950 affects the Linux kernel (arch/arm64/mm/dma-mapping.c) prior to 4.0.3, where uninitialized data structures in the ION memory-management path can be exposed via dma_mmap. This local-access vulnerability could allow a non-privileged user to read kernel memory. The public references in...

5.5CVSS4.9AI score0.01457EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2016/10/10 10:0 a.m.33 views

CVE-2015-8950

arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dmammap call...

5.5CVSS5.1AI score0.01457EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2016/10/06 1:17 p.m.35 views

CVE-2016-6808

It was found that the length checks prior to writing to the target buffer for creating a virtual host mapping rule did not take account of the length of the virtual host name, creating the potential for a buffer overflow...

9.8CVSS9AI score0.18989EPSS
Exploits1References2
Hacker One
Hacker One
added 2016/10/03 4:17 p.m.29 views

Enter: [CRITICAL]-Taking over entire subdomain of romit.io

Hi, During recon, I found out that blog.romit.io was not mapped with wordpress.com and the domain was returning back error like this domain has not been mapped with wordpress.com, to map it please login into wordpres.com. So, I quickly created an account on wordpress.com and mapped blog.romit.io ...

6.9AI score
Exploits0
exploitpack
exploitpack
added 2016/09/23 12:0 a.m.18 views

Linux SELinux - W+X Protection Bypass via AIO

Linux SELinux - W+X Protection Bypass via AIO / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=854 SELinux has a set of permissions that can be used to prevent processes from creating executable memory mappings that contain data controlled by the process PROCESSEXECMEM,...

0.6AI score
Exploits0
0day.today
0day.today
added 2016/09/23 12:0 a.m.30 views

SELinux W+X Protection Bypass via AIO

Exploit for linux platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=854 SELinux has a set of permissions that can be used to prevent processes from creating executable memory mappings that contain data controlled by the process PROCESSEXECMEM,...

7AI score
Exploits0
Veeam
Veeam
added 2016/08/26 12:0 a.m.15 views

How to Map Replicas in Cloud Connect

Purpose This KB article documents the procedure for mapping a replication job to a replica that was not created by a tenant's replication job. Cause Use case examples: The tenant has sent backup files to the Service Provider, and the Service Provider restores the VMs from the backup files to crea...

6.8AI score
Exploits0Affected Software1
NVD
NVD
added 2016/08/06 10:59 a.m.15 views

CVE-2014-9888

arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 a...

7.8CVSS7.2AI score0.00395EPSS
Exploits0References5
OSV
OSV
added 2016/08/06 10:59 a.m.3 views

UBUNTU-CVE-2015-8943

drivers/video/msm/mdss/mdssmdputil.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not verify that a mapping exists before proceeding with an unmap operation, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28815158 a...

7.8CVSS7.2AI score0.00454EPSS
Exploits0References4
Kitploit
Kitploit
added 2016/07/31 3:30 p.m.70 views

Xerosploit - Efficient And Advanced Man In The Middle Framework

Xerosploit is a penetration testing toolkit whose goal is to perform man in the middle attacks for testing purposes. It brings various modules that allow to realise efficient attacks, and also allows to carry out denial of service attacks and port scanning. Powered by bettercap and nmap...

7.7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/07/27 12:0 a.m.31 views

Scientific Linux Security Update : samba on SL7.x x86_64 (20160726)

Security Fixes : - A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server. CVE-2016-2119 Bug Fixes : - Previously, the 'net' command in some cases...

7.5CVSS6.9AI score0.03122EPSS
Exploits0References2
Cent OS
Cent OS
added 2016/07/26 11:26 a.m.65 views

ctdb, libsmbclient, libwbclient, samba security update

CentOS Errata and Security Advisory CESA-2016:1486 An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.5CVSS6.8AI score0.03122EPSS
Exploits0References7
myhack58
myhack58
added 2016/07/21 12:0 a.m.22 views

Security Bulletin: ASN. 1 coding in the presence of a heap memory corruption vulnerability-vulnerability warning-the black bar safety net

! ! 1. Security Bulletin information Title: Objective system integrated Co., Ltd. The design of the ASN. 1 coding specification in the presence of one can lead to heap memory corruption vulnerabilities. Vulnerability CVE number: CVE-2 0 1 6-5 0 8 0 Announcement of the URL address:...

Exploits0
RedhatCVE
RedhatCVE
added 2016/07/11 4:48 a.m.37 views

CVE-2016-5007

It was found that differences in the strictness of Spring Security, and Spring Framework request mapping could lead to resources not being secured. An attacker could use this flaw to bypass authentication...

7.5CVSS2.9AI score0.02837EPSS
Exploits0References2
Hacker One
Hacker One
added 2016/07/05 5:37 a.m.85 views

ExpressionEngine: Filename and directory enumeration

Hello, The "Import File Converter" can be abused by an admin to map the server directories and files, because the "File location" field doesn't sanitize the user input and allows access to root directories and files. Steps to reproduce: 1- Go to...

1.4AI score
Exploits0
Hacker One
Hacker One
added 2016/06/17 7:27 p.m.49 views

Nextcloud: Server side request forgery (SSRF) on nextcloud implementation.

An admin of nextcloud server can add other trusted nextcloud server in his own installation. The following request passes when a new add request is processed: http POST /nextcloud/index.php/apps/federation/trusted-servers HTTP/1.1 Host: myown.nextcloudserver.com User-Agent: Mozilla/5.0 Macintosh;...

7AI score
Exploits0
myhack58
myhack58
added 2016/06/14 12:0 a.m.29 views

HITB16 issues resolution: Java applications ORM injection the development of new methods-vulnerability warning-the black bar safety net

! “Hack In The Box”conference is in Europe in Amsterdam, organized by the global well-known Security Summit. This year's conference very interesting, one by a security researcher Mikhail Egorov and Sergey Soldatov presented the topic“Java application ORM injection the development of new...

0.1AI score
Exploits0
Rows per page
Query Builder