The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Qualcomm Android operating system’s audio driver is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code within the kernel context. This issue is considered “high” because it requires...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Qualcomm Android operating system’s audio driver is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code within the kernel context. This issue is considered “high” because it requires...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of MediaTek’s system interrupt driver for the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code within the kernel context. This issue is considered “high” because it...

httpd: DoS vulnerability in mod_auth_digest

It was discovered that the modauthdigest module of httpd did not properly check for memory allocation failures. A remote attacker could use this flaw to cause httpd child processes to repeatedly crash if the server used HTTP digest authentication...

Samba remote code execution vulnerability(CVE-2017-7494)analysis-vulnerability warning-the black bar safety net

Author: cyg07 && redrain Overview 2017 5 May 24, Samba released a 4. 6. 4 version, in the middle fix a serious remote code execution vulnerability, the vulnerability number CVE-2017-7494, the vulnerability affects Samba 3.5.0 and including 4. 6. 4/4. 5. 10/4. 4. 14 the intermediate version. 360...

The vulnerability of Synaptics’ sensor screen driver in the Android operating system allows a hacker to execute arbitrary code.

The vulnerability of Synaptics’ touchscreen display driver in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious applications on the touchscreen chipset. This issue is considered “highly...

The vulnerability of the Qualcomm Wi-Fi driver for the Android operating system allows a hacker to execute arbitrary code.

The vulnerability of Qualcomm Wi-Fi driver in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code within the kernel context. This issue is considered “high” because it requires...

The vulnerability of the audio driver of Qualcomm’s Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the Qualcomm Android operating system’s audio driver is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code within the kernel context. This issue is considered “high” because it requires...

The vulnerability of the Qualcomm Wi-Fi driver for the Android operating system allows a hacker to execute arbitrary code.

The vulnerability of Qualcomm Wi-Fi driver in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious code within the kernel context. This issue is considered “high” because it requires...

Heroku Dynos Explained

What are Heroku Dynos? If youve ever hosted an application on Heroku, the popular platform as a service, youre likely at least aware of the existence of "Dynos". But what exactly are Heroku Dynos and why are they important? As explained in Herokus docs, Dynos are simply lightweight Linux containe...

Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor of System Processes

Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1145 We have observed on Windows 7 32-bit that for unclear reasons, the kernel-mode structure containing the default DACL of system processes' tokens lsass.exe, services.exe,...

Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor of System Processes Token

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1145 We have observed on Windows 7 32-bit that for unclear reasons, the kernel-mode structure containing the default DACL of system processes' tokens lsass.exe, services.exe, ... has 8 uninitialized bytes at the end, as the size ...

Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor of System Processes Token

Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor of System Processes Token / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1145 We have observed on Windows 7 32-bit that for unclear reasons, the kernel-mode structure containing the default DACL ...

[SECURITY] Fedora 24 Update: qemu-2.6.2-8.fc24

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

EulerOS 2.0 SP1 : util-linux (EulerOS-SA-2017-1083)

According to the version of the util-linux packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill...

EulerOS 2.0 SP2 : util-linux (EulerOS-SA-2017-1084)

According to the version of the util-linux packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill...

Amazon Linux AMI : util-linux (ALAS-2017-823)

Sending SIGKILL to other processes with root privileges via su : A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.CVE-2017-2616 C Tenable...

Medium: util-linux

Issue Overview: Sending SIGKILL to other processes with root privileges via su: A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.CVE-2017-26...

Linksys Smart Wi-Fi Routers Authentication Bypass Vulnerability

Linksys Smart Wi-Fi Routers are smart Wi-Fi routers. An authentication bypass vulnerability exists in Linksys Smart Wi-Fi Routers. An attacker can bypass CGI scripts to collect sensitive information such as firmware version, Linux kernel version, runtime process list, connected USB devices, and P...

Microsoft Windows 10 - Runtime Broker ClipboardBroker Privilege Escalation

Microsoft Windows 10 - Runtime Broker ClipboardBroker Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1079 Windows: Runtime Broker ClipboardBroker EoP Platform: Windows 10 10586/14393 not tested 8.1 Update 2 Class: Elevation of Privilege Summary: The Runtime...