Page 23 of 213 results (0.054 seconds)

CVSS: 10.0EPSS: 65%CPEs: 1EXPL: 4

A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process. • https://www.exploit-db.com/exploits/42368 https://github.com/kkent030315/CVE-2017-9769 http://www.rapid7.com/db/modules/exploit/windows/local/razer_zwopenprocess https://warroom.securestate.com/cve-2017-9769 •

CVSS: 7.3EPSS: 0%CPEs: 38EXPL: 1

IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. ... IBM DB2 para Linux, Unix y Windows 9.2, 10.1, 10.5 y 11.1 (incluido DB2 Connect Server) es vulnerable a un buffer overflow basado en pila --stack-- causado por una inapropiada verificación de límites lo que podría permitir a un atacante local ejecutar código aleatorio. • https://www.exploit-db.com/exploits/42260 http://www.ibm.com/support/docview.wss?uid=swg22004878 http://www.securityfocus.com/bid/99271 http://www.securitytracker.com/id/1038772 https://exchange.xforce.ibmcloud.com/vulnerabilities/125159 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 1%CPEs: 3EXPL: 1

VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. Successful exploitation of this issue may allow host users with normal user privileges to trigger a denial-of-service in a Windows host machine. ... La explotación con éxito de este problema puede permitir a los usuarios del host con privilegios de usuario normal desencadenar una denegación de servicio en una máquina host de Windows. VMware Workstation version 12 Pro suffers from a null pointer dereference in the vstor2 driver. • https://www.exploit-db.com/exploits/42140 http://www.securityfocus.com/bid/98560 http://www.securitytracker.com/id/1038526 https://www.vmware.com/security/advisories/VMSA-2017-0009.html • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 56%CPEs: 12EXPL: 3

The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." Los controladores del modo kernel en Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows versión 8.1, Windows Server 2012 versión Gold y R2, Windows RT versión 8.1, Windows 10 versión Gold, 1511, 1607, 1703 y Windows Server 2016 de Microsoft, permiten a los usuarios locales alcanzar privilegios por medio de una aplicación diseñada, también se conoce como "Win32k Elevation of Privilege Vulnerability" Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory. • https://www.exploit-db.com/exploits/44478 https://github.com/R06otMD5/cve-2017-0263-poc http://www.securityfocus.com/bid/98258 http://www.securitytracker.com/id/1038449 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0263 https://xiaodaozhi.com/exploit/117.html • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 1

An example affected driver is Realtek Audio Driver 6.0.1.7898 on a Lenovo P50. ... Un ejemplo de controlador afectado es el Realtek Audio Driver 6.0.1.7898 en un Lenovo P50. • https://www.exploit-db.com/exploits/41933 https://bugs.chromium.org/p/project-zero/issues/detail?id=1075 • CWE-502: Deserialization of Untrusted Data •