C Exploits
3,622 exploits tracked across all sources.
NVIDIA Graphics Drivers <10.11.5 - RCE/DoS
The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference and memory corruption) via a crafted app.
by Google Security Research
CVSS 7.8
macOS < 10.11.5 - Remote Code Execution or Denial of Service via Crafted App
IOAudioFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
by Google Security Research
CVSS 7.8
macOS < 10.11.5 - Remote Code Execution via AppleGraphicsControlClient::checkArguments
The AppleGraphicsControlClient::checkArguments method in AppleGraphicsControl in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
by Google Security Research
CVSS 7.8
Apple OS X < 10.11.5 - Remote Code Execution or Denial of Service via AppleGraphicsDeviceControlClient
AppleGraphicsDeviceControlClient in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
by Google Security Research
CVSS 7.8
Apple iOS <9.3.2-OS X <10.11.5-tvOS <9.2.1-watchOS <2.2.1 - RCE/DoS
The IOAccelSharedUserClient2::page_off_resource method in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
by Google Security Research
CVSS 7.8
Apple iOS <9.3.2, OS X <10.11.5, tvOS <9.2.1, watchOS <2.2.1 - RCE/DoS
CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
by Google Security Research
CVSS 7.8
macOS < 10.11.5 - Remote Code Execution in NVIDIA Graphics Drivers
The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1846.
by Google Security Research
CVSS 7.8
Apple <9.3.2, <10.11.5, <9.2.1, <2.2.1 - Info Disclosure
Race condition in the Disk Images subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows local users to obtain sensitive information from kernel memory via unspecified vectors.
by Google Security Research
CVSS 5.1
FreeBSD <10.1p34, <10.2p17, <10.3p3 - DoS
Integer signedness error in the sockargs function in sys/kern/uipc_syscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service (memory overwrite and kernel panic) or gain privileges via a negative buflen argument, which triggers a heap-based buffer overflow.
by CTurt
CVSS 7.8
FreeBSD <9.3 p42, 10.1 p34, 10.2 p17, 10.3 p3 - Memory Corruption via SETFKEY ioctl
Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory overwrite and kernel crash), or gain privileges via a negative value in the flen structure member in the arg argument in a SETFKEY ioctl call, which triggers a "two way heap and stack overflow."
by CTurt
CVSS 7.8
VirIT Explorer Lite & Pro 8.1.68 - Local Privilege Escalation
by Paolo Stagno
Broadcom Wi-Fi driver - Memory Corruption
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029.
by AbdSec
CVSS 9.8
Sony Playstation 4 (PS4) 1.76 - 'dlclose' Linux Kernel Loader
by Carlos Pizarro
Hyper-V - 'vmswitch.sys' VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow
by Google Security Research
macOS < 10.11.4 - Memory Corruption in Intel Graphics Driver
The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1744.
by Piotr Bania
CVSS 7.8
macOS < 10.11.4 - Memory Corruption in Intel Graphics Driver
The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1743.
by Google Security Research
CVSS 7.8
Apple macOS X < 10.11.4 - Memory Corruption in NVIDIA Graphics Driver
The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
by Google Security Research
CVSS 9.8
Apple OS X < 10.11.4 - Memory Corruption in IOUSBFamily
IOUSBFamily in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
by Google Security Research
CVSS 7.8
Apple iOS <9.3 - Privilege Escalation
The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1754.
by Google Security Research
CVSS 7.8
FreeBSD <9.3p39, 10.1p31, 10.2p14 - DoS
Integer signedness error in the amd64_set_ldt function in sys/amd64/amd64/sys_machdep.c in FreeBSD 9.3 before p39, 10.1 before p31, and 10.2 before p14 allows local users to cause a denial of service (kernel panic) via an i386_set_ldt system call, which triggers a heap-based buffer overflow.
by Core Security
CVSS 6.2
McAfee VirusScan Enterprise 8.8.0 - Local Console Unlock via Registry Handle Closure
The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles.
by Maurizio Agazzini
CVSS 3.0
McAfee Active Response < 1.1.0.161 - Local Administrator Bypass of Self-Protection via Registry Key Modification
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.
by Maurizio Agazzini
CVSS 5.1
Linux Kernel - io_submit L2TP sendmsg Integer Overflow
by Google Security Research
Qualcomm Adreno GPU MSM Driver - perfcounter Query Heap Overflow
by Google Security Research
NTPd ntp-4.2.6p5 - 'ctl_putdata()' Buffer Overflow (PoC)
by Marcin Kozlowski
By Source