H2 Database 1.4.199 - JNI Code Execution Vulnerability

Exploit Title: H2 Database 1.4.199 - JNI Code Execution Exploit Author: 1F98D Original Author: Markus Wulftange Vendor Hompage: https://www.h2database.com/ Tested on: Windows 10 x64, Java 1.8, H2 1.4.199 References:...

JDK: buffer overflow in jio_snprintf() and jio_vsnprintf()

In Eclipse OpenJ9, prior to the 0.12.0 release, the jiosnprintf and jiovsnprintf native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code...

CVE-2016-4305

A denial of service vulnerability exists in the syscall filtering functionality of Kaspersky Internet Security KLIF driver. A specially crafted native api call can cause a access violation in KLIF kernel driver resulting in local denial of service. An attacker can run program from user-mode to...

CVE-2016-4305

A denial of service vulnerability exists in the syscall filtering functionality of Kaspersky Internet Security KLIF driver. A specially crafted native api call can cause a access violation in KLIF kernel driver resulting in local denial of service. An attacker can run program from user-mode to...

Design/Logic Flaw

libs/binder/IMemory.cpp in the IMemory Native Interface in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider the heap size, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining...

CVE-2016-0846

libs/binder/IMemory.cpp in the IMemory Native Interface in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider the heap size, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining...

CVE-2016-0846

CVE-2016-0846 affects the IMemory Native Interface (libs/binder/IMemory.cpp) in Android, where the heap size is not properly accounted for, enabling a local attacker to gain privileged execution (Signature or SignatureOrSystem) via a crafted app. The issue affects Android 4.x up to 4.4.3/4.4.4, 5...

Android IMemory Native Interface Elevation of Privilege Vulnerability

Android is a Linux-based open source operating system developed by Google and the Open Handheld Alliance OHA, and the IMemory Native Interface is a memory-sharing interface that uses Ashmem Anonymous Shared Memory Driver. A boost vulnerability exists in Android's IMemory Native Interface. A local...

[SECURITY] Fedora 20 Update: xerces-j2-2.11.0-17.fc20

Welcome to the future! Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface XNI, a complete framework f or building parser components and configurations that is extremely...