vaginessa

2 exploits Active since Jul 2015

CVE-2020-0041 NOMISEC HIGH WORKING POC

Android - Local Privilege Escalation via Binder Transaction Bounds Check

In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145988638References: Upstream kernel

5 stars

CVSS 7.8

View Code

CVE-2014-7912 NOMISEC WORKING POC

dhcpcd < 6.1.0 - Remote Code Execution via DHCPACK Option Length Mismatch

The get_option function in dhcp.c in dhcpcd before 6.2.0, as used in dhcpcd 5.x in Android before 5.1 and other products, does not validate the relationship between length fields and the amount of data, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption) via a large length value of an option in a DHCPACK message.

View Code