159 matches found
CVE-2023-42768
When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user's role is reverted back to a non-admin role via the Configuration utility, tmsh, or iControl REST. BIG-IP non-admin user can still have access to iControl REST admin resource. Note:...
Wings 安全漏洞
Wings is the server control interface for Pterodactyl Panel. A security vulnerability exists in Wings versions prior to 1.7.5 and 1.11.6, which can be exploited by an attacker to gain access to the host...
SUSE CVE-2022-3061
Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error...
PT-2023-1003 · Linux +10 · Linux Kernel +10
Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. The issue is related to missing locks in SNDRV CTL IOCTL ELEM READ|WRITE32 that can be used in a...
CVE-2022-36438
AsusSwitch.exe on ASUS personal computers running Windows sets weak file permissions, leading to local privilege escalation this also can be used to delete files within the system arbitrarily. This affects ASUS System Control Interface 3 before 3.1.5.0, and AsusSwitch.exe before 1.0.10.0...
CVE-2022-36439
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers running Windows allows a local user to write into the Temp directory and delete another more privileged file via SYSTEM privileges. This affects ASUS System Control Interface 3 before 3.1.5.0, AsusSoftwareManger.e...
CVE-2022-36439
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers running Windows allows a local user to write into the Temp directory and delete another more privileged file via SYSTEM privileges. This affects ASUS System Control Interface 3 before 3.1.5.0, AsusSoftwareManger.e...
Design/Logic Flaw
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers running Windows allows a local user to write into the Temp directory and delete another more privileged file via SYSTEM privileges. This affects ASUS System Control Interface 3 before 3.1.5.0, AsusSoftwareManger.e...
Privilege escalation
AsusSwitch.exe on ASUS personal computers running Windows sets weak file permissions, leading to local privilege escalation this also can be used to delete files within the system arbitrarily. This affects ASUS System Control Interface 3 before 3.1.5.0, and AsusSwitch.exe before 1.0.10.0...
CVE-2022-36438
AsusSwitch.exe on ASUS personal computers running Windows sets weak file permissions, leading to local privilege escalation this also can be used to delete files within the system arbitrarily. This affects ASUS System Control Interface 3 before 3.1.5.0, and AsusSwitch.exe before 1.0.10.0...
PT-2022-5314 · Asus +1 · Asusswitch.Exe +2
Name of the Vulnerable Software and Affected Versions: ASUS System Control Interface versions prior to 3.1.5.0 AsusSwitch.exe versions prior to 1.0.10.0 Description: The issue is related to incorrect default permissions in the System Control Interface and AsusSwitch drivers for Windows operating...
CVE-2022-36439
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers running Windows allows a local user to write into the Temp directory and delete another more privileged file via SYSTEM privileges. This affects ASUS System Control Interface 3 before 3.1.5.0, AsusSoftwareManger.e...
CVE-2022-36439
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers running Windows allows a local user to write into the Temp directory and delete another more privileged file via SYSTEM privileges. This affects ASUS System Control Interface 3 before 3.1.5.0, AsusSoftwareManger.e...
CVE-2022-36439
CVE-2022-36439 affects ASUS System Control Interface components on Windows: AsusSoftwareManager.exe before 1.0.53.0, AsusLiveUpdate.dll before 1.0.45.0, and System Control Interface before 3.1.5.0. A local attacker could write to the Temp directory and delete a more privileged file using SYSTEM p...
CVE-2022-36438
AsusSwitch.exe on ASUS personal computers running Windows sets weak file permissions, leading to local privilege escalation this also can be used to delete files within the system arbitrarily. This affects ASUS System Control Interface 3 before 3.1.5.0, and AsusSwitch.exe before 1.0.10.0...
PT-2022-5315 · Asus +1 · Asussoftwaremanager.Exe +3
Name of the Vulnerable Software and Affected Versions: ASUS System Control Interface versions prior to 3.1.5.0 AsusSoftwareManager.exe versions prior to 1.0.53.0 AsusLiveUpdate.dll versions prior to 1.0.45.0 Description: The issue is related to incorrect default permissions in the System Control...
Google Android 缓冲区错误漏洞
Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android, which stems from incorrect input validation in CCCI, and can be exploited by an attacker to obtain local information. mt6771, mt6779, mt6781, mt6785, mt6833, mt6853, mt6873...
Low-rent RAT Worries Researchers
For about the price of a cup of Starbucks latte, a hacker is renting out a remote access trojan designed to backdoor targeted networks. Dubbed as Dark Crystal RAT or DCRat, the malware is being peddled online to hackers in Russian by a lone rookie malware writer with a penchant for cut-rate...
PT-2022-6194 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The issue is related to the i740 driver in the Linux Kernel, where a Userspace program can pass any values to the driver through the ioctl interface. The driver does not check the valu...
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5161-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5161-1 advisory. Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some...