2671 matches found
K90412202: libarchive vulnerability CVE-2015-8932
Security Advisory Description The compressbidderinit function in archivereadsupportfiltercompress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service crash via a crafted tar file, which triggers an invalid left shift. CVE-2015-8932 Impact This functionality is expose...
Information disclosure
In Eternal Terminal 6.2.1, TelemetryService uses fixed paths in /tmp. For example, a local attacker can create /tmp/.sentry-native-etserver with mode 0777 before the etserver process is started. The attacker can choose to read sensitive information from that file, or modify the information in tha...
SUSE CVE-2008-2942
Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." dot dot sequences in a patch file...
SUSE CVE-2008-4554
The dosplicefrom function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the OAPPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file...
SUSE CVE-2013-6441
The lxc-sshd template templates/lxc-sshd.in in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file...
SUSE CVE-2015-3246
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE: this issue can be combined wi...
SUSE CVE-2017-7501
It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to...
CVE-2022-23455
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files...
CVE-2022-23453
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files...
CVE-2022-23454
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files...
CVE-2022-23454
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files...
Privilege escalation
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files...
Privilege escalation
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files...
Privilege escalation
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files...
HP Support Assistant 安全漏洞
HP Support Assistant is a solution from Hewlett-Packard HP USA that provides support and other features for PCs and printers. A security vulnerability exists in HP Support Assistant, which stems from a potential security hole that could be exploited by an attacker to cause privilege escalation,...
PT-2023-2973 · Faronics · Faronics Insight
Name of the Vulnerable Software and Affected Versions: Faronics Insight version 10.0.19045 Description: The issue allows a suitably positioned attacker to perform a man-in-the-middle attack on either a connected student or teacher. This enables them to intercept student keystrokes or modify...
HP Support Assistant 安全漏洞
HP Support Assistant is a solution from Hewlett-Packard HP USA that provides support and other features for PCs and printers. A security vulnerability exists in HP Support Assistant, which stems from a potential security hole that could be exploited by an attacker to cause privilege escalation,...
CVE-2022-23455
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files...
CVE-2022-23455
The CVE-2022-23455 entry concerns HP Support Assistant. Reported vulnerabilities include privilege escalation, integrity compromise, allowing communication with untrusted clients, and unauthorized modification of files. No exploit details are provided. Remediation guidance from the associated HP ...
CVE-2022-23454
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files...