C Exploits
3,622 exploits tracked across all sources.
Microsoft Windows - Local Privilege Escalation via WebDAV Client
The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "WebDAV Elevation of Privilege Vulnerability."
by koczkatamas
CVSS 7.8
watchOS < 2.1 - Local Privilege Escalation via Crafted Mach Message
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
by Google Security Research
watchOS < 2.1 - Local Privilege Escalation via Crafted Mach Message
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
by Google Security Research
watchOS < 2.1 - Local Privilege Escalation via Crafted Mach Message
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
by Google Security Research
macOS < 10.11.2 - Use-After-Free in Hypervisor via VM Objects
Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects.
by Google Security Research
Apple iOS <9.1, macOS <10.11.1, watchOS <2.0.1 - Remote Code Execution via IOAcceleratorFamily Memory Corruption
IOAcceleratorFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
by Google Security Research
IOKit <9.2.1-10.11.3-9.1.1 - Privilege Escalation/DoS
IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
by Google Security Research
CVSS 7.8
Apple iOS <9.2, macOS <10.11.2, tvOS <9.1, watchOS <2.1 - Denial of Service via IOKit SCSI Userclient Type
IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type.
by Google Security Research
CVSS 7.8
watchOS < 2.1 - Local Privilege Escalation via Crafted Mach Message
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
by Google Security Research
Apple iOS < 9.1 and OS X < 10.11.1 - Remote Code Execution via Disk Images Component
The Disk Images component in Apple iOS before 9.1 and OS X before 10.11.1 misparses images, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
by Google Security Research
macOS X < 10.11.2 - Memory Corruption via Bluetooth HCI Interface
The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
by Google Security Research
macOS < 10.11.2 - Memory Corruption in Intel Graphics Driver
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
by Google Security Research
macOS < 10.11.2 - Privilege Escalation or Denial of Service via Intel Graphics Driver Memory Access
The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors.
by Google Security Research
Apple iOS <9.2, macOS <10.11.2, tvOS <9.1, watchOS <2.1 - Memory Corruption in Kernel
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083.
by Google Security Research
Apple macOS X < 10.11.2 and iPhone OS < 9.1 - Memory Corruption in Disk Images
The Disk Images component in Apple OS X before 10.11.2 and tvOS before 9.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted disk image.
by Google Security Research
watchOS < 2.1 - Local Privilege Escalation via Crafted Mach Message
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
by Google Security Research
Apple Mac OS X < 10.11.1 - Memory Corruption
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084.
by Google Security Research
Linux Kernel 3.0.0-3.19.8 - Heap-Based Buffer Overflow in WLAN Driver via Packet Filter
Heap-based buffer overflow in the private wireless extensions IOCTL implementation in wlan_hdd_wext.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that establishes a packet filter.
by Shawn the R0ck
CVSS 7.8
Huawei P8 and Mate 7 Firmware - Heap-Based Buffer Overflow in HIFI Driver
Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 and P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, and GRA-UL10 before GRA-UL10C00B220 allows attackers to cause a denial of service (reboot) or execute arbitrary code via a crafted application.
by pray3r
CVSS 7.8
Linux kernel <4.4.1 - Privilege Escalation/DoS
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.
by Federico Bento
CVSS 7.8
Linux kernel <4.4.1 - Privilege Escalation/DoS
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.
by Perception Point Team
CVSS 7.8
Overlayfs Privilege Escalation
The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.
by halfdog
CVSS 6.7
Amanda 3.3.1 - Authenticated Command Injection via runtar Binary Argument Manipulation
An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command injection as root.
by Hacker Fantastic
CVSS 7.8
Overlayfs Privilege Escalation
The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.
by rebel
CVSS 6.7
Gentoo QEMU <2.5.0-r1 - Privilege Escalation
Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.
by zx2c4
CVSS 10.0
By Source