CVE-2021-0360

In netdiag, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS054420...

EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1512)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In the Linux kernel through 4.14.13, the rdsmessageallocsgs function does not validate a value that is used during DMA page...

The vulnerability of the REST API interface of the FortiOS operating system allows a perpetrator with the “read-only” privilege to disclose administrator passwords with the “read-write” privilege.

The vulnerability of the REST API interface of the FortiOS operating system is caused by access control errors. Exploiting this vulnerability allows a malicious actor, who operates remotely and has privileges for “only reading”, to obtain information about administrator passwords with privileges...

Apache Geode server remote code execution vulnerability

Apache Geode server is the Apache Software Foundation's platform for providing real-time and consistent access to data for data-intensive applications in distributed cloud architectures. A security vulnerability exists in Apache Geode server versions 1.0.0 through 1.4.0. A remote attacker with th...

CVE-2017-8108

Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file...

VBox Satellite Express Arbitrary Write Privilege Escalation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation Title: VBox Satellite Express Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-005 Publication Date: 2015.09.16 Publication URL:...

AVG Internet Security 2015 Arbitrary Write Privilege Escalation Exploit

Exploit for windows platform in category local exploits / Exploit Title - AVG Internet Security 2015 Arbitrary Write Privilege Escalation Date - 04th February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.avg.com/ Tested Version - 2015.0.5315 Driver Version - 15.0.0.52...

AVG Internet Security 2015.0.5315 - Arbitrary Write Privilege Escalation

/ Exploit Title - AVG Internet Security 2015 Arbitrary Write Privilege Escalation Date - 04th February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.avg.com/ Tested Version - 2015.0.5315 Driver Version - 15.0.0.5204 - avgtdix.sys Tested on OS - 32bit Windows XP SP3...

BullGuard (Multiple Products) - Arbitrary Write Privilege Escalation

/ Exploit Title - BullGuard Multiple Products Arbitrary Write Privilege Escalation Date - 04th February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.bullguard.com/ Tested Version - 14.1.285.4 Driver Version - 1.0.0.6 - BdAgent.sys Tested on OS - 32bit Windows XP SP3...

Symantec Altiris Agent 6.9 (Build 648) - Local Privilege Escalation

Symantec Altiris Agent 6.9 Build 648 - Local Privilege Escalation / Exploit Title - Symantec Altiris Agent Arbitrary Write Privilege Escalation Date - 01st February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.symantec.com Tested Version - 6.9 Build 648 Driver Version...

MQAC.sys Arbitrary Write Privilege Escalation

A vulnerability within the MQAC.sys module allows an attacker to overwrite an arbitrary location in kernel memory. This module will elevate itself to SYSTEM, then inject the payload into another SYSTEM process. This module requires Metasploit: https://metasploit.com/download Current source:...

Solaris <= 7.0 chkperm Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/295/info Solaris 2.4, 2.5, and 2.5.1 possibly other versions have a package called FACE Framed Access Command Environment installed. Included in the package is a program called chkperm which checks a file to see if the us...

CVE-2013-4401

The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows attackers to gain domain:write privileges and execute Qemu binaries via crafted XML. NOTE: some of these details are obtained fr...

CVE-2012-3495

The physdevgetfreepirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the getfreepirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service invali...

CVE-2008-3298

SocialEngine (SE) prior to 2.83 is affected. The vulnerability arises from write privileges for templates, enabling remote authenticated administrators to execute arbitrary PHP code. There is no remediation detail provided in the supplied documents. Impact is limited to code execution by privileg...

i965 DRM allows insecure packets

The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager DRM to write to arbitrary memory locations and gain privileges via a crafted batchbuffer...

Solaris 7.0 - &#039;chkperm&#039; Local Privilege Escalation

source: https://www.securityfocus.com/bid/295/info Solaris 2.4, 2.5, and 2.5.1 possibly other versions have a package called FACE Framed Access Command Environment installed. Included in the package is a program called chkperm which checks a file to see if the user has permission to use the FACE...