Code injection

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability...

CVE-2019-5068

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability...

CVE-2019-5068

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability...

CVE-2019-5068

CVE-2019-5068 affects X11 Mesa 3D Graphics Library, specifically version 19.1.2, with an exploitable shared memory permissions vulnerability that allows an attacker to access shared memory locally. The issue is addressed in vendor advisories (e.g., SUSE-SU-2021:3117-1) and OSV entries indicating ...

X11 Mesa 3D Graphics Library Shared Memory Privilege Vulnerability

X11 Mesa 3D Graphics Library is a 3D graphics library. A shared memory privilege vulnerability exists in X11 Mesa 3D Graphics Library, which can be exploited by an attacker to access shared memory...

X11 Mesa 3D Graphics Library shared memory permissions vulnerability

Summary An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library. An attacker can access the shared memory without any specific permissions to trigger this vulnerability. Tested Versions Mesa 3D X11 Graphics library 19.1.2 Product URLs...

Kernel: page cache side channel attacks

A new software page cache side channel attack scenario was discovered in operating systems that implement the very common 'page cache' caching mechanism. A malicious user/process could use 'in memory' page-cache knowledge to infer access timings to shared memory and gain knowledge which can be us...

Security Bulletin: IBM MQ and IBM MQ Appliance Shared memory leak caused by MQ applications using dynamic queues. (CVE-2017-1283)

Summary Shared memory leak caused by MQ applications using dynamic queues. Vulnerability Details CVEID: CVE-2017-1283 DESCRIPTION: IBM WebSphere MQ could allow an authenticated user to cause a shared memory leak by MQ applications using dynamic queues, which can lead to lack of resources for othe...

Buffer Overflow Vulnerability in Multiple Qualcomm Products (CNVD-2019-27321)

Qualcomm MDM9607 and others are products of Qualcomm Incorporated.MDM9607 is a central processing unit CPU product.MDM9650 is a central processing unit CPU product.SDX20 is a modem. A buffer overflow vulnerability exists in Video Firmware in multiple Qualcomm products, which originates when a...

CVE-2019-2279

Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909...

Code injection

Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909...

CVE-2019-2279

Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909...

CVE-2019-3972

Comodo Antivirus versions 12.0.0.6810 and below are vulnerable to Denial of Service affecting CmdAgent.exe via an unprotected section object "CisSharedMemBuff". This section object is exposed by CmdAgent and contains a SharedMemoryDictionary object, which allows a low privileged process to modify...

The vulnerability in the XNU kernel of iOS, Mac OS, and TV OS allows attackers to perform unauthorized changes to the memory shared among processes.

The vulnerability of the XNU-based operating systems such as iOS, Mac OS, and TV OS is related to errors in the memory initialization mechanism. Exploiting this vulnerability allows an attacker to perform unauthorized changes to the memory shared among processes, using specially crafted executabl...

CVE-2019-12042

Insecure permissions of the section object Global\PandaDevicesAgentSharedMemory and the event Global\PandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event as an encrypted JSON string to the system service AgentSvc.exe, which leads to privilege...

Man-in-the-Middle (MitM)

The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by...

Insufficient Entropy In Key Generation Algorithm

The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by...

Memory Corruption Vulnerability in SKWorkshop

SKWorkshop is a configuration software produced by Shenzhen Xianzhong Technology Co. SKWorkshop suffers from a memory corruption vulnerability when processing shm project files, which can be exploited by attackers to gain control of a user's system or crash the program...

CARPE (DIEM) Apache 2.4.x Local Privilege Escalation

?php CARPE DIEM: CVE-2019-0211 Apache Root Privilege Escalation Charles Fol @cfreal 2019-04-08 INFOS https://cfreal.github.io/carpe-diem-cve-2019-0211-apache-local-root.html USAGE 1. Upload exploit to Apache HTTP server 2. Send request to page 3. Await 6:25AM for logrotate to restart Apache 4...

Splitting atoms in XNU

Posted by Ian Beer, Google Project Zero TL;DR A locking bug in the XNU virtual memory subsystem allowed violation of the preconditions required for the correctness of an optimized virtual memory operation. This was abused to create shared memory where it wasn't expected, allowing the creation of ...