6346 matches found
CVE-2017-0399
An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitiv...
Information disclosure
An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitiv...
Information disclosure
An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitiv...
CVE-2017-0399
An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitiv...
CVE-2017-0399
CVE-2017-0399 describes an information-disclosure vulnerability in the Qualcomm audio post processor path: libeffects at lvm/wrapper/Bundle/EffectBundle.cpp. It could allow a local malicious Android app to access data outside its permission level. Affected Android versions are 5.0.2, 5.1.1, 6.0, ...
CVE-2017-0401
An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitiv...
CVE-2017-0401
CVE-2017-0401 is an information-disclosure vulnerability in the Qualcomm audio post-processor path (lvm/wrapper/Bundle/EffectBundle.cpp in libeffects). A locally running malicious application could access data outside its permissions on Android versions 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, and 7.1.1. T...
PXE client computers freeze during multithread network transfers in Windows Server 2012 R2
PXE client computers freeze during multithread network transfers in Windows Server 2012 R2 Symptoms When you deploy Windows Server 2012 R2 through Windows Deployment Services WDS Pre-Boot Execution Environment PXE, the server CPU usage spikes to 100%. In this situation, client computers may freez...
Fixed in Apache Tomcat 6.0.50
Note: The issue below was fixed in Apache Tomcat 6.0.49 but the release vote for the 6.0.49 release candidate did not pass. Therefore, although users must download 6.0.50 to obtain a version that includes the fix for this issue, version 6.0.49 is not included in the list of affected versions...
MGASA-2016-0428 Updated game-music-emu packages fix security vulnerabilities
Chris Evans discovered that incorrect emulation of the SPC700 audio co-processor of the Super Nintendo Entertainment System allows the execution of arbitrary code if a malformed SPC music file is opened CVE-2016-9957, CVE-2016-9958, CVE-2016-9959, CVE-2016-9960, CVE-2016-9961...
Updated game-music-emu packages fix security vulnerabilities
Chris Evans discovered that incorrect emulation of the SPC700 audio co-processor of the Super Nintendo Entertainment System allows the execution of arbitrary code if a malformed SPC music file is opened CVE-2016-9957, CVE-2016-9958, CVE-2016-9959, CVE-2016-9960, CVE-2016-9961...
DSA-3735-1 game-music-emu - security update
Bulletin has no description...
Fixed in Apache Tomcat 9.0.0.M15
Note: The issue below was fixed in Apache Tomcat 9.0.0.M14 but the release vote for the 9.0.0.M14 release candidate did not pass. Therefore, although users must download 9.0.0.M15 to obtain a version that includes the fix for this issue, version 9.0.0.M14 is not included in the list of affected...
HS-110 Smart Plug Account Takeover / Insecure Design
Content Table 1. Introduction 2. The Firmware 3. The Android Application 4. The Problems 5. Conclusion 6. Appendix 6.1. Excursion Dalvik 6.2 Control script 1. Introduction The HS-110 is a Smart Plug meaning it is capable of being controlled with commands via a network. TP-Link released a mobile...
Microsoft Windows Kernel - win32k.sys NtSetWindowLongPtr Local Privilege Escalation (MS16-135) (1)
Microsoft Windows Kernel - win32k.sys NtSetWindowLongPtr Local Privilege Escalation MS16-135 1 Complete Proof of Concept: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/40823.zip Presentation:...
Microsoft Windows Kernel - 'win32k.sys NtSetWindowLongPtr' Local Privilege Escalation (MS16-135) (1)
Complete Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/40823.zip Presentation: https://www.exploit-db.com/docs/english/40822-i-know-where-your-page-lives---de-randomizing-the-latest-windows-10-kernel.pdf I Know Where Your Page Lives:...
Microsoft Windows Kernel win32k.sys - 'NtSetWindowLongPtr' Privilege Escalation (MS16-13
Exploit for windows platform in category local exploits Complete Proof of Concept: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40823.zip I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016 Requirements Intel Processo...
InPage Zero Day Used in Attacks Against Banks
A zero-day vulnerability in InPage publishing software used primarily in Urdu, Pashto and Arabic-speaking nations has been publicly exploited in attacks against financial institutions and government agencies in the region. While there are more than 10 million InPage users in Pakistan and India...
CVE-2016-8562
A vulnerability has been identified in SIMATIC CP 1543-1 All versions V2.0.28, SIPLUS NET CP 1543-1 All versions V2.0.28. Under special conditions it was possible to write SNMP variables on port 161/udp which should be read-only and should only be configured with TIA-Portal. A write to these...
UBUNTU-CVE-2015-8963
Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service use-after-free by leveraging incorrect handling of an swevent data structure during a CPU unplug operation...