29 matches found

Tenable Nessus
added 2025/09/03 12:00 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2020-7221

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mysql_install_db in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely,...

7.8 CVSS | 7.2 AI score | 0.00269 EPSS
Exploits: 1 | References: 2

OpenVAS
added 2020/02/06 12:00 a.m. | 153 views

MariaDB 10.4.7 - 10.4.11 Privilege Escalation Vulnerability (Linux)

MariaDB is prone to a privilege escalation vulnerability.

1.3 AI score | 0.00269 EPSS
Exploits: 1 | References: 1

UbuntuCve
added 2020/02/04 5:15 p.m. | 51 views

CVE-2020-7221

mysql_install_db in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack on a chmod 04755 of auth_pam_tool_dir/auth_pam_tool. NOTE: this does not affect the Oracle MySQL product,...

7.8 CVSS | 7 AI score | 0.00269 EPSS
Exploits: 1 | References: 4

ALT Linux
added 2019/08/11 12:00 a.m. | 58 views

Security fix for the ALT Linux 9 package mariadb version 10.4.7-alt1

10.4.7-alt1 built Aug. 11, 2019 Alexey Shabalin in task 235868 Aug. 9, 2019 Alexey Shabalin - 10.4.7 - Fixes for the following security vulnerabilities: + CVE-2019-2805 + CVE-2019-2740 + CVE-2019-2739 + CVE-2019-2737 + CVE-2019-2758...

5.5 CVSS | 6.5 AI score | 0.00475 EPSS
Exploits: 0

Prion
added 2018/04/05 2:29 p.m. | 14 views

Cross site scripting

GitLab Community and Enterprise Editions version 9.2 up to 10.4 are vulnerable to XSS because a lack of input validation in the milestones component leads to cross site scripting (specifically, data-milestone-id in the milestone dropdown feature). This is fixed in 10.6.3, 10.5.7, and 10.4.7...

4.3 CVSS | 5.6 AI score | 0.00076 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2018/04/05 2:00 p.m. | 11 views

CVE-2018-9244

GitLab Community and Enterprise Editions version 9.2 up to 10.4 are vulnerable to XSS because a lack of input validation in the milestones component leads to cross site scripting (specifically, data-milestone-id in the milestone dropdown feature). This is fixed in 10.6.3, 10.5.7, and 10.4.7...

5.7 AI score | 0.00076 EPSS
Exploits: 1 | References: 2

seebug.org
added 2014/07/01 12:00 a.m. | 17 views

Mac OS X <= 10.4.7 fetchmail Privilege Escalation Exploit (ppc)

No description provided by source. !/usr/bin/perl getpwnedmail.pl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom This is a canibalized version of Kansas City POP Daemon Version 0.0 - Copyright c 1999 David Nicol [email protected] kevin-finisterres-mac-mini:...

7.1 AI score
Exploits: 0

Exploit DB
added 2006/09/30 12:00 a.m. | 41 views

Apple Mac OSX 10.4.7 - Mach Exception Handling Local (10.3.x)

/ excploit.c - 28 Nov 2005 - [email protected] Exploitable Mach Exception Handling Affected: Mac OS X 10.4.6 darwin 8.6.0 and older When a process executes a setuid executable, all existing rights to the task port are invalidated, to make sure unauthorized processes do not retain control o...

7.2 CVSS | 7 AI score | 0.01012 EPSS
Exploits: 5

0day.today
added 2006/09/30 12:00 a.m. | 20 views

Mac OS X <= 10.4.7 Mach Exception Handling Local Root Exploit

Exploit for macOS platform in category local exploits ============================================================= Mac OS X include include include extern booleant excservermachmsgheadert , machmsgheade...

6.8 AI score
Exploits: 0

NVD
added 2006/09/21 9:07 p.m. | 15 views

CVE-2006-3509

Integer overflow in the API for the AirPort wireless driver on Apple Mac OS X 10.4.7 might allow physically proximate attackers to cause a denial of service (crash) or execute arbitrary code in third-party wireless software that uses the API via crafted frames...

7.2 CVSS | 7.5 AI score | 0.00162 EPSS
Exploits: 0 | References: 6

CVE
added 2006/09/21 9:00 p.m. | 53 views

CVE-2006-3509

CVE-2006-3509 describes an integer overflow in the AirPort wireless driver’s API for third‑party software on Mac OS X v10.4.7 (and related updates). The underlying issue is an overflow that could lead to a buffer overflow in applications using the API, with attackers in near proximity able to tri...

7.2 CVSS | 7.5 AI score | 0.00162 EPSS
Exploits: 0 | References: 6 | Affected Software: 2

NVD
added 2006/08/21 7:04 p.m. | 12 views

CVE-2006-3506

Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and OS X Server 10.4.7 allows local users with Xsan write access, to execute arbitrary code via unspecified vectors related to "processing a path name."...

4.6 CVSS | 7.5 AI score | 0.00277 EPSS
Exploits: 0 | References: 7

Packet Storm
added 2006/08/17 12:00 a.m. | 27 views

getpwnedmail-ppc.pl.txt

!/usr/bin/perl getpwnedmail.pl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom This is a canibalized version of "Kansas City POP Daemon Version 0.0" - Copyright c 1999 David Nicol kevin-finisterres-mac-mini: kfinisterre$ /usr/bin/fetchmail -p pop3 --fastuidl 1 localhos...

7.4 AI score
Exploits: 0

NVD
added 2006/08/03 1:04 a.m. | 14 views

CVE-2006-3500

The dynamic linker dyld in Apple Mac OS X 10.4.7 allows local users to execute arbitrary code via an "improperly handled condition" that leads to use of "dangerous paths," probably related to an untrusted search path vulnerability...

7.2 CVSS | 7 AI score | 0.00066 EPSS
Exploits: 1 | References: 7

Prion
added 2006/08/03 1:04 a.m. | 15 views

Buffer overflow

Buffer overflow in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Canon RAW image...

5.1 CVSS | 8.1 AI score | 0.00876 EPSS
Exploits: 1 | References: 8 | Affected Software: 2

CVE
added 2006/08/03 1:00 a.m. | 47 views

CVE-2006-0392

CVE-2006-0392 describes a buffer overflow in Apple Mac OS X 10.4.7's ImageIO framework when processing Canon RAW images. An attacker could entice a user to view a crafted Canon RAW file, potentially causing an application crash or arbitrary code execution with user privileges. Affected products i...

5.1 CVSS | 7.4 AI score | 0.00876 EPSS
Exploits: 1 | References: 8 | Affected Software: 2

Cvelist
added 2006/08/03 1:00 a.m. | 21 views

CVE-2006-3503

Integer overflow in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed GIF image...

7.5 AI score | 0.0106 EPSS
Exploits: 1 | References: 8

CVE
added 2006/08/03 1:00 a.m. | 49 views

CVE-2006-3504

CVE-2006-3504 affects Apple Mac OS X 10.4.7 where LaunchServices’ Download Validation can misclassify HTML as “safe.” If Safari’s “Open ‘safe’ files after downloading” is enabled, a downloaded HTML file could auto-open in a local context and allow embedded JavaScript to bypass local access restri...

5.1 CVSS | 6.3 AI score | 0.00421 EPSS
Exploits: 1 | References: 7 | Affected Software: 2

CVE
added 2006/08/03 1:00 a.m. | 56 views

CVE-2006-0393

OpenSSH in Apple Mac OS X 10.4.7 is affected by CVE-2006-0393. The vulnerability arises when attempting to log in with a nonexistent user, causing the authentication process to hang and enabling denial of service and potential account existence discovery. The issue is documented in multiple sourc...

4 CVSS | 6.3 AI score | 0.00988 EPSS
Exploits: 1 | References: 8 | Affected Software: 2

Cvelist
added 2006/08/03 1:00 a.m. | 20 views

CVE-2006-3501

Integer overflow in ImageIO for Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Radiance image...

7.5 AI score | 0.0106 EPSS
Exploits: 1 | References: 8