The amd64_set_ldt() function in sys/amd64/amd64/sys_machdep.c in the FreeBSD kernel code is prone to an integer signedness error when processing a system call with specially crafted parameters originated from user space.

This issue ultimately leads to a kernel heap overflow, which can be used by unprivileged local attackers to cause a kernel panic and crash the machine.

This module will exploit a vulnerability in the NVIDIA Stereoscopic 3D Driver Service. It will wait for users to login on the target system, installing agents for every user, until being able to install an agent for a user in the Built In Administrators group.

The join_session_keyring() function in security/keys/process_keys.c in the Linux kernel is prone to a reference counter overflow that occurs when a process repeatedly tries to join an already existing keyring.

This vulnerability can be leveraged by local unprivileged attackers to gain root privileges on the affected systems.

This module exploits a vulnerability present in Mac OS X. dyld in Apple OS X before 10.10.5 does not properly validate pathnames in the environment, which allows local users to gain root privileges via the DYLD_PRINT_TO_FILE environment variable.

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intended access restrictions and perform a transition from Low Integrity to Medium Integrity via unspecified vectors, a different vulnerability than CVE-2015-4446 and CVE-2015-5106.

A vulnerability in the Network Driver Interface Standard (NDIS) implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to trigger buffer overflow.



This allows unprivileged local users to cause an invalid dereference in kernel mode, which produces a BSoD.

The EnableNetwork method in the org.blueman.Mechanism D-Bus service of Blueman, a Bluetooth Manager, receives untrusted Python code provided by unprivileged users and evaluates it as root.

This can be leveraged by a local unprivileged attacker to gain root privileges.

This module exploits a vulnerability in win32k.sys by calling to SetParent function with crafted parameters.

This module exploits a vulnerability in "atmfd.dll" Windows driver by loading a crafted OTF font.



This update adds support to "Low Integrity Level" bypass for "Windows 8.1" 32 bits by using a kernel memory leak (CVE-2015-2433).

This module exploits a vulnerability in Linux. The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.