1351 matches found
CVE-2019-2279
Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909...
Code injection
Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909...
CVE-2019-2279
Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909...
CVE-2019-3972
Comodo Antivirus versions 12.0.0.6810 and below are vulnerable to Denial of Service affecting CmdAgent.exe via an unprotected section object "CisSharedMemBuff". This section object is exposed by CmdAgent and contains a SharedMemoryDictionary object, which allows a low privileged process to modify...
The vulnerability in the XNU kernel of iOS, Mac OS, and TV OS allows attackers to perform unauthorized changes to the memory shared among processes.
The vulnerability of the XNU-based operating systems such as iOS, Mac OS, and TV OS is related to errors in the memory initialization mechanism. Exploiting this vulnerability allows an attacker to perform unauthorized changes to the memory shared among processes, using specially crafted executabl...
CVE-2019-12042
Insecure permissions of the section object Global\PandaDevicesAgentSharedMemory and the event Global\PandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event as an encrypted JSON string to the system service AgentSvc.exe, which leads to privilege...
Man-in-the-Middle (MitM)
The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by...
Insufficient Entropy In Key Generation Algorithm
The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by...
Memory Corruption Vulnerability in SKWorkshop
SKWorkshop is a configuration software produced by Shenzhen Xianzhong Technology Co. SKWorkshop suffers from a memory corruption vulnerability when processing shm project files, which can be exploited by attackers to gain control of a user's system or crash the program...
CARPE (DIEM) Apache 2.4.x Local Privilege Escalation
?php CARPE DIEM: CVE-2019-0211 Apache Root Privilege Escalation Charles Fol @cfreal 2019-04-08 INFOS https://cfreal.github.io/carpe-diem-cve-2019-0211-apache-local-root.html USAGE 1. Upload exploit to Apache HTTP server 2. Send request to page 3. Await 6:25AM for logrotate to restart Apache 4...
Splitting atoms in XNU
Posted by Ian Beer, Google Project Zero TL;DR A locking bug in the XNU virtual memory subsystem allowed violation of the preconditions required for the correctness of an optimized virtual memory operation. This was abused to create shared memory where it wasn't expected, allowing the creation of ...
Android - binder Use-After-Free via racy Initialization of -allow_user_free
Android - binder Use-After-Free via racy Initialization of -allowuserfree The following bug report solely looks at the situation on the upstream master branch; while from a cursory look, at least the wahoo kernel also looks affected, I have only properly tested this on upstream master. The binder...
Android - binder Use-After-Free via racy Initialization of ->allow_user_free Exploit
Android - binder Use-After-Free via racy Initialization of -allowuserfree Exploit The following bug report solely looks at the situation on the upstream master branch; while from a cursory look, at least the wahoo kernel also looks affected, I have only properly tested this on upstream master. Th...
Android - binder Use-After-Free via racy Initialization of ->allow_user_free
The following bug report solely looks at the situation on the upstream master branch; while from a cursory look, at least the wahoo kernel also looks affected, I have only properly tested this on upstream master. The binder driver permits userspace to free buffers in the kernel-managed shared...
CVE-2019-6208
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes...
Memory corruption
A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes...
CVE-2019-6205
A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes...
CVE-2019-6208
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes...
Apple iOS, macOS and tvOS Kernel Memory Corruption Vulnerability
Apple iOS is an operating system developed for mobile devices; macOS Sierra, macOS High Sierra, and macOS Mojave are different versions of a specialized operating system developed for Mac computers; tvOS is a smart TV operating system. Kernel is one of the kernel components. A security...
Apple iOS, tvOS and macOS Kernel Memory Initialization Vulnerability
Apple iOS is an operating system developed for mobile devices; macOS Sierra, macOS High Sierra, and macOS Mojave are different versions of a specialized operating system developed for Mac computers; tvOS is a smart TV operating system. Kernel is one of the kernel components. A security...