Exploitdb Exploits
50,076 exploits tracked across all sources.
NVIDIA Windows GPU Display Driver <342.00-375.63 - Buffer Overflow
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x10000e9 where a value is passed from an user to the driver is used without validation as the size input to memcpy() causing a stack buffer overflow, leading to denial of service or potential escalation of privileges.
by Google Security Research
CVSS 7.8
NVIDIA GPU Driver R340 < 342.00 and R375 < 375.63 - Denial of Service or Privilege Escalation via DxgDdiEscape Handler
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x7000194 where a value passed from a user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.
by Google Security Research
CVSS 7.8
NVIDIA Windows GPU Display Driver R340 <342.00 and R375 <375.63 - DoS
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x7000170 where the size of an input buffer is not validated, leading to denial of service or potential escalation of privileges.
by Google Security Research
CVSS 7.8
NVIDIA Windows GPU Display Driver and R375 <342.00-375.63 - Privilege Escalation
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70000d5 where a value passed from an user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.
by Google Security Research
CVSS 7.8
NVIDIA GPU Driver R340 < 342.00 & R375 < 375.63 - DoS or Privilege Escalation via Unvalidated Array Index
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x100009a where a value passed from an user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.
by Google Security Research
CVSS 7.8
NVIDIA Windows GPU Display Driver <342.00-375.63 - DoS/Privilege Es...
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70001b2 where the size of an input buffer is not validated, leading to denial of service or potential escalation of privileges.
by Google Security Research
CVSS 7.8
NVIDIA GPU Driver R340 < 342.00 and R375 < 375.63 - Kernel Memory Leak via DxgDdiEscape Handler
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70000D4 which may lead to leaking of kernel memory contents to user space through an uninitialized buffer.
by Google Security Research
CVSS 5.5
NVIDIA GPU Driver R340 < 342.00 and R375 < 375.63 - Denial of Service or Privilege Escalation via DxgDdiEscape Handler
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x100010b where a missing array bounds check can allow a user to write to kernel memory, leading to denial of service or potential escalation of privileges.
by Google Security Research
CVSS 7.8
Micro Focus Rumba 9.x - Stack-based Buffer Overflow via PlayMacro MacroName Argument
Stack-based buffer overflow in the PlayMacro function in ObjectXMacro.ObjectXMacro in WdMacCtl.ocx in Micro Focus Rumba 9.x before 9.3 HF 11997 and 9.4.x before 9.4 HF 12815 allows remote attackers to execute arbitrary code via a long MacroName argument. NOTE: some references mention CVE-2016-5226 but that is not a correct ID for any Rumba vulnerability.
by Umit Aksu
CVSS 9.8
macOS < 10.11.6 - Use-After-Free in IOSurface
Use-after-free vulnerability in IOSurface in Apple OS X before 10.11.6 allows local users to gain privileges via unspecified vectors.
by Google Security Research
CVSS 7.8
Apple iOS <9.3.3, OS X <10.11.6, tvOS <9.2.2, watchOS <2.2.2 - Pri...
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653.
by Google Security Research
CVSS 7.8
Safari Webkit JIT Exploit for iOS 7.1.2
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows local users to execute arbitrary code in a privileged context or cause a denial of service (MIG code mishandling and system crash) via unspecified vectors.
by Google Security Research
CVSS 7.8
macOS < 10.11.6 - Use-After-Free in IOSurface
Use-after-free vulnerability in IOSurface in Apple OS X before 10.11.6 allows local users to gain privileges via unspecified vectors.
by Google Security Research
CVSS 7.8
InfraPower PPS-02-S Q213V1 - Multiple Cross-Site Scripting Vulnerabilities
by LiquidWorm
InfraPower PPS-02-S Q213V1 - Insecure Direct Object Reference
by LiquidWorm
InfraPower PPS-02-S Q213V1 - Cross-Site Request Forgery
by LiquidWorm
Joomla! < 3.6.3 - Unauthenticated User Account Creation via UsersModelRegistration
The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4, when registration has been disabled, allows remote attackers to create user accounts by leveraging failure to check the Allow User Registration configuration setting.
by Xiphos Research Ltd
CVSS 8.1
HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation
by hyp3rlinx
By Source