Lucene search
K

1339 matches found

OSV
OSV
added 2018/04/03 6:29 a.m.4 views

CVE-2018-4156

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "PluginKit" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app...

7CVSS7.6AI score0.01154EPSS
Exploits0References5
OSV
OSV
added 2018/04/03 6:29 a.m.1 views

CVE-2018-4167

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "File System Events" component. A race condition allows attackers to execute arbitrary code in a...

7CVSS7.6AI score0.01154EPSS
Exploits0References6
OSV
OSV
added 2018/04/03 6:29 a.m.3 views

CVE-2018-4136

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service out-of-bounds read via a crafted app...

7.8CVSS7.6AI score
Exploits0References3
OSV
OSV
added 2018/04/03 6:29 a.m.2 views

CVE-2018-4143

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause...

7.8CVSS7.6AI score0.01454EPSS
Exploits0References6
OSV
OSV
added 2018/04/03 6:29 a.m.2 views

CVE-2018-4151

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "iCloud Drive" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app...

7CVSS7.6AI score0.01144EPSS
Exploits0References5
OSV
OSV
added 2018/04/03 6:29 a.m.3 views

CVE-2018-4139

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

7.8CVSS7.6AI score0.04436EPSS
Exploits4References4
OSV
OSV
added 2018/04/03 6:29 a.m.2 views

CVE-2018-4132

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

7.8CVSS6.1AI score0.01335EPSS
Exploits0References3
OSV
OSV
added 2018/04/03 6:29 a.m.2 views

CVE-2018-4098

An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "IOHIDFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

7.8CVSS7.6AI score0.01335EPSS
Exploits0References3
OSV
OSV
added 2018/04/03 6:29 a.m.2 views

CVE-2017-13827

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that performs kext loading...

7.8CVSS6.1AI score0.01186EPSS
Exploits0References1
OSV
OSV
added 2018/03/30 8:29 a.m.3 views

CVE-2018-9143

On Samsung mobile devices with M6.0 and N7.x software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991...

9.8CVSS6.1AI score0.02365EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2018/03/19 12:0 a.m.29 views

Microsoft Windows Palette Object Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32k.sys...

7.2CVSS4AI score0.01352EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2018/03/19 12:0 a.m.34 views

Microsoft Windows Palette Object Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32k.sys...

7.2CVSS5AI score0.01352EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2018/01/18 12:0 a.m.6 views

The vulnerability of the Remote Management component of the Mac OS X operating system allows a hacker to trigger a maintenance failure or execute arbitrary code in a privileged context.

The vulnerability of the Remote Management component of the Mac OS X operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in privileged context, or trigger a service failure...

9.3CVSS8.4AI score0.01162EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/01/08 12:0 a.m.64 views

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2018-002)

According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the...

5.6CVSS7.3AI score0.93838EPSS
Exploits12References5
RedHat Linux
RedHat Linux
added 2018/01/04 5:49 a.m.3 views

hw: cpu: speculative execution branch target injection

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant...

5.6CVSS6.6AI score0.74041EPSS
Exploits8References8
OSV
OSV
added 2017/12/27 5:8 p.m.1 views

CVE-2017-7155

An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

7.8CVSS7.4AI score
Exploits0References1
OSV
OSV
added 2017/12/27 5:8 p.m.2 views

CVE-2017-7163

An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

7.8CVSS6.1AI score0.01211EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2017/12/25 12:0 a.m.7 views

PT-2017-13147

Name of the Vulnerable Software and Affected Versions iOS versions prior to 11.2 macOS versions prior to 10.13.2 Description The issue involves the IOKit component and allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted...

9.3CVSS6.2AI score0.05028EPSS
Exploits2References9
Zero Day Initiative
Zero Day Initiative
added 2017/11/20 12:0 a.m.29 views

ThinPrint TPView JPEG2000 Parsing Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ThinPrint. An attacker must first obtain the ability to execute low-privileged code on the guest system in order to exploit this vulnerability. The specific flaw exists within JPEG2000 parsing. The...

6.2CVSS2.2AI score0.00393EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/11/20 12:0 a.m.38 views

Microsoft Windows EngLockSurface Time-Of-Check Time-Of-Use Race Condition Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

5.4CVSS4.7AI score0.02091EPSS
Exploits0References1
Rows per page
Query Builder