Lucene search
K

1580 matches found

RedHat Linux
RedHat Linux
added 2017/08/01 2:13 p.m.162 views

kernel: Double free in the inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c

The inetcskclonelock function in net/ipv4/inetconnectionsock.c in the Linux kernel allows attackers to cause a denial of service double free or possibly have unspecified other impact by leveraging use of the accept system call. An unprivileged local user could use this flaw to induce kernel memor...

7.8CVSS6.8AI score0.01372EPSS
Exploits5References4
CNVD
CNVD
added 2017/07/27 12:0 a.m.9 views

Google Android syscall handler buffer overflow vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. syscall handler is one of the system call handlers. A buffer overflow vulnerability exists in the syscall handler in Android. An attacker can exploit this vulnerability to perform...

9.3CVSS7.2AI score0.00625EPSS
Exploits0References1
exploitpack
exploitpack
added 2017/06/28 12:0 a.m.82 views

Linux Kernel (Debian 910 Ubuntu 14.04.516.04.217.04 Fedora 232425) - ldso_dynamic Stack Clash Local Privilege Escalation

Linux Kernel Debian 910 Ubuntu 14.04.516.04.217.04 Fedora 232425 - ldsodynamic Stack Clash Local Privilege Escalation / Linuxldsodynamic.c for CVE-2017-1000366, CVE-2017-1000371 Copyright C 2017 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms o...

7.2CVSS0.7AI score0.02733EPSS
Exploits17
0day.today
0day.today
added 2017/06/26 12:0 a.m.19 views

Linux/x86 - Bind Shell Shellcode (75 bytes)

/ Architecture : x86 OS : Linux Author : wetw0rk ID : SLAE-958 Shellcode Size : 75 bytes Bind Port : 4444 Description : A linux/x86 bind shell via /bin/sh. Created by analysing msfvenom; original payload was 78 bytes and contained 1 NULL. My shellcode is 75 and contains 0 NULLS ;. Original...

7.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2017/06/23 12:0 a.m.40 views

CVE-2017-7518

A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flagTF bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exceptionDB being raised in the guest stack. A user/process inside a guest could use this flaw to...

7.8CVSS6.7AI score0.00698EPSS
Exploits0References7
OSV
OSV
added 2017/06/23 12:0 a.m.3 views

UBUNTU-CVE-2017-7518

A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flagTF bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exceptionDB being raised in the guest stack. A user/process inside a guest could use this flaw to...

7.8CVSS6.6AI score0.00698EPSS
Exploits0References8
Exploit DB
Exploit DB
added 2017/06/20 12:0 a.m.28 views

Linux/x86 - Reverse UDP Shellcode (668 bytes)

Linux/x86 - Reverse UDP Shellcode 668 bytes. Shellcode exploit for Linx86 platform ; SLAE-X ; thanks to writesup from previou students : ; assignment: 2. create a reverse shell ; originality: using UDP instead TCP ; usage : sudo ncat -lup 53 on the receiving end ; warning, this shellcode might...

7.4AI score
Exploits0
NVD
NVD
added 2017/06/13 8:29 p.m.17 views

CVE-2016-10342

In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler...

9.3CVSS7.6AI score0.00625EPSS
Exploits0References3
Prion
Prion
added 2017/06/13 8:29 p.m.18 views

Buffer overflow

In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler...

9.3CVSS7.6AI score0.00625EPSS
Exploits0References3
Prion
Prion
added 2017/06/13 8:29 p.m.18 views

Integer overflow

In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler...

9.3CVSS7.5AI score0.00625EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/06/13 8:0 p.m.31 views

CVE-2016-10340

In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler...

7.8AI score0.00625EPSS
Exploits0References3
CVE
CVE
added 2017/06/13 8:0 p.m.55 views

CVE-2016-10342

CVE-2016-10342 is a buffer overflow in an Android CAF Linux kernel syscall handler. Attack requires local access and user interaction, with potential for high impact (admin privileges) per CVSS data. Affected: Android CAF builds using the Linux kernel; exploit details are not provided in the link...

9.3CVSS7.7AI score0.00625EPSS
Exploits0References3Affected Software1
Exploit DB
Exploit DB
added 2017/06/05 12:0 a.m.61 views

Linux/x86-64 - /bin/sh Shellcode (31 bytes)

Linux/x86-64 - /bin/sh Shellcode 31 bytes. Shellcode exploit for Linx86-64 platform / ;Title: Linux/x86-64 - /bin/sh Shellcode ;Author: Touhid M.Shaikh ;Contact: https://github.com/touhidshaikh ;Category: Shellcode ;Architecture: Linux x8664 ;Description: This shellcode baased on "JMP CALL POP"...

7.4AI score
Exploits0
android
android
added 2017/06/01 12:0 a.m.40 views

CVE-2016-10340

In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler...

9.3CVSS6AI score0.00625EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/05/31 12:0 a.m.28 views

OracleVM 3.3 / 3.4 : sudo (OVMSA-2017-0110)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fixes CVE-2017-1000367 Resolves: rhbz1455399 - Update noexec syscall blacklist - Fixes CVE-2016-7032, CVE-2016-7076 Resolves: rhbz1391938 - RHEL-6.9 erratum - Fix race condition when creating...

7.8CVSS7.3AI score0.08018EPSS
Exploits8References5
seebug.org
seebug.org
added 2017/05/27 12:0 a.m.52 views

Apple MacOS 32-Bit Syscall Exit Kernel Register Leak(CVE-2017-2509)

The XNU kernel, when compiled for a x86-64 CPU, can run 32-bit x86 binaries in compatibility mode. 32-bit binaries use partly separate syscall entry and exit paths. To return to userspace, unixsyscall in bsd/dev/i386/systemcalls.c calls threadexceptionreturn in osfmk/x8664/locore.s, which in turn...

4.3CVSS7.7AI score0.02321EPSS
Exploits2
0day.today
0day.today
added 2017/05/23 12:0 a.m.54 views

Apple macOS - 32-bit syscall exit Kernel Register Leak Exploit

Exploit for macOS platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1149 The XNU kernel, when compiled for a x86-64 CPU, can run 32-bit x86 binaries in compatibility mode. 32-bit binaries use partly separate syscall entry and exit paths. To return to...

4.3CVSS7.7AI score0.02321EPSS
Exploits2
Exploit DB
Exploit DB
added 2017/05/22 12:0 a.m.28 views

Apple macOS - '32-bit syscall exit' Kernel Register Leak

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1149 The XNU kernel, when compiled for a x86-64 CPU, can run 32-bit x86 binaries in compatibility mode. 32-bit binaries use partly separate syscall entry and exit paths. To return to userspace, unixsyscall in...

7AI score
Exploits0
exploitpack
exploitpack
added 2017/05/22 12:0 a.m.16 views

Apple macOS - 32-bit syscall exit Kernel Register Leak

Apple macOS - 32-bit syscall exit Kernel Register Leak Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1149 The XNU kernel, when compiled for a x86-64 CPU, can run 32-bit x86 binaries in compatibility mode. 32-bit binaries use partly separate syscall entry and exit paths. To...

Exploits0
0day.today
0day.today
added 2017/04/06 12:0 a.m.18 views

Windows 10 x64 - Egghunter Shellcode (45 bytes)

PUBLIC Win10egghunterx64 .code Win10egghunterx64 PROC start: push 7fh pop rdi ; RDI is nonvolatile, so it will be preserved after syscalls setup: inc rdi ; parameter 1 - lpAddress - counter mov r9b,40h ; parameter 3 - flNewProtect - 0x40 PAGEEXECUTEREADWRITE pop rsi ; Stack alignment before the...

7.1AI score
Exploits0
Rows per page
Query Builder