VYPR

Vendor CVEs

Linux

All CVEs

15,975 total · sorted by risk
  • CVE-2016-8428HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-8427HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-8426HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-8425HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-8424HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-6790HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated…

  • CVE-2016-6789HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated…

  • CVE-2016-6777HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-6776HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-6775HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…

  • CVE-2016-6761HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities,…

  • CVE-2016-6760HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities,…

  • CVE-2016-6759HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities,…

  • CVE-2016-6758HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.02

    An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities,…

  • CVE-2016-9754HigJan 5, 2017
    risk 0.51cvss 7.8epss 0.01

    The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file.

  • CVE-2016-9806HigDec 28, 2016
    risk 0.51cvss 7.8epss 0.00

    Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to…

  • CVE-2016-9794HigDec 28, 2016
    risk 0.51cvss 7.8epss 0.00

    Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START…

  • CVE-2016-9777HigDec 28, 2016
    risk 0.51cvss 7.8epss 0.00

    KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related…

  • CVE-2016-9755HigDec 28, 2016
    risk 0.51cvss 7.8epss 0.00

    The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly have unspecified other impact via a crafted application that makes socket,…

  • CVE-2016-9576HigDec 28, 2016
    risk 0.51cvss 7.8epss 0.00

    The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging…

  • CVE-2016-9120HigDec 8, 2016
    risk 0.51cvss 7.8epss 0.02

    Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by calling ION_IOC_FREE on two CPUs at the same time.

  • CVE-2016-9644HigNov 28, 2016
    risk 0.51cvss 7.8epss 0.01

    The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel 4.4.22 through 4.4.28 contains extended asm statements that are incompatible with the exception table, which allows local users to obtain root access on non-SMEP platforms via a crafted…

  • CVE-2016-9313HigNov 28, 2016
    risk 0.51cvss 7.8epss 0.02

    security/keys/big_key.c in the Linux kernel before 4.8.7 mishandles unsuccessful crypto registration in conjunction with successful key-type registration, which allows local users to cause a denial of service (NULL pointer dereference and panic) or possibly have unspecified…

  • CVE-2016-9084HigNov 28, 2016
    risk 0.51cvss 7.8epss 0.00

    drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.

  • CVE-2016-9083HigNov 28, 2016
    risk 0.51cvss 7.8epss 0.00

    drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS…

  • CVE-2016-8632HigNov 28, 2016
    risk 0.51cvss 7.8epss 0.00

    The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer…

  • CVE-2016-7913HigNov 16, 2016
    risk 0.51cvss 7.8epss 0.02

    The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.

  • CVE-2016-7912HigNov 16, 2016
    risk 0.51cvss 7.8epss 0.02

    Use-after-free vulnerability in the ffs_user_copy_worker function in drivers/usb/gadget/function/f_fs.c in the Linux kernel before 4.5.3 allows local users to gain privileges by accessing an I/O data structure after a certain callback call.

  • CVE-2016-7911HigNov 16, 2016
    risk 0.51cvss 7.8epss 0.02

    Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.

  • CVE-2016-7910HigNov 16, 2016
    risk 0.51cvss 7.8epss 0.03

    Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.

  • CVE-2016-7425HigOct 16, 2016
    risk 0.51cvss 7.8epss 0.00

    The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an…

  • CVE-2016-5342HigAug 30, 2016
    risk 0.51cvss 7.8epss 0.01

    Heap-based buffer overflow in the wcnss_wlan_write function in drivers/net/wireless/wcnss/wcnss_wlan.c in the wcnss_wlan device driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows…

  • CVE-2016-2065HigAug 7, 2016
    risk 0.51cvss 7.8epss 0.01

    sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (out-of-bounds write and…

  • CVE-2016-2064HigAug 7, 2016
    risk 0.51cvss 7.8epss 0.01

    sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (buffer over-read) or…

  • CVE-2016-2063HigAug 7, 2016
    risk 0.51cvss 7.8epss 0.00

    Stack-based buffer overflow in the supply_lm_input_write function in drivers/thermal/supply_lm_core.c in the MSM Thermal driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to…

  • CVE-2015-0568HigAug 7, 2016
    risk 0.51cvss 7.8epss 0.01

    Use-after-free vulnerability in the msm_set_crop function in drivers/media/video/msm/msm_camera.c in the MSM-Camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain…

  • CVE-2016-6162HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.00

    net/core/skbuff.c in the Linux kernel 4.7-rc6 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via certain IPv6 socket operations.

  • CVE-2016-3070HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.00

    The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified…

  • CVE-2014-9884HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.00

    drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain pointers, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769920 and Qualcomm internal bug…

  • CVE-2014-9865HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.01

    drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly restrict user-space input, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28748271 and Qualcomm…

  • CVE-2016-2068HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    The MSM QDSP6 audio driver (aka sound driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (integer overflow, and buffer overflow…

  • CVE-2016-2067HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    drivers/gpu/msm/kgsl.c in the MSM graphics driver (aka GPU driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, mishandles the KGSL_MEMFLAGS_GPUREADONLY flag, which allows attackers to gain…

  • CVE-2014-9785HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices does not validate addresses before copying data, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28469042 and Qualcomm internal…

  • CVE-2016-5829HigJun 27, 2016
    risk 0.51cvss 7.8epss 0.00

    Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES…

  • CVE-2016-5828HigJun 27, 2016
    risk 0.51cvss 7.8epss 0.00

    The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly…

  • CVE-2016-4440HigJun 27, 2016
    risk 0.51cvss 7.8epss 0.00

    arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via…

  • CVE-2016-2066HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.01

    Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (memory corruption) via a…

  • CVE-2016-2061HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.01

    Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (array overflow and memory…

  • CVE-2016-4951HigMay 23, 2016
    risk 0.51cvss 7.8epss 0.01

    The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kernel through 4.6 does not verify socket existence, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a dumpit…

  • CVE-2016-4913HigMay 23, 2016
    risk 0.51cvss 7.8epss 0.01

    The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via…

Page 41 of 320