Lucene search
K

423 matches found

NVD
NVD
added 2015/07/03 2:0 a.m.16 views

CVE-2015-3718

systemstatsd in the System Stats subsystem in Apple OS X before 10.10.4 does not properly interpret data types encountered in interprocess communication, which allows attackers to execute arbitrary code with systemstatsd privileges via a crafted app, related to a "type confusion" issue...

6.8CVSS6.9AI score0.02261EPSS
Exploits0References4
Prion
Prion
added 2015/07/03 2:0 a.m.11 views

Type confusion

systemstatsd in the System Stats subsystem in Apple OS X before 10.10.4 does not properly interpret data types encountered in interprocess communication, which allows attackers to execute arbitrary code with systemstatsd privileges via a crafted app, related to a "type confusion" issue...

6.8CVSS7.4AI score0.02261EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2015/07/03 1:0 a.m.22 views

CVE-2015-3718

systemstatsd in the System Stats subsystem in Apple OS X before 10.10.4 does not properly interpret data types encountered in interprocess communication, which allows attackers to execute arbitrary code with systemstatsd privileges via a crafted app, related to a "type confusion" issue...

4.8AI score0.02261EPSS
Exploits0References4
CNVD
CNVD
added 2015/03/18 12:0 a.m.4 views

Cisco AnyConnect Secure Mobility Client Elevation of Privilege Vulnerability

The Cisco AnyConnect Secure Mobility Client is Cisco's next-generation VPN client. Cisco AnyConnect Secure Mobility Client has a security vulnerability in interprocess communication IPC that allows a local attacker to write and overwrite arbitrary files with elevated privileges...

7.2CVSS6.9AI score0.00371EPSS
Exploits0References1
CNVD
CNVD
added 2015/03/18 12:0 a.m.4 views

Cisco AnyConnect Secure Mobility Client Hostscan Path Traversal Vulnerability

The Cisco AnyConnect Secure Mobility Client is Cisco's next-generation VPN client. A security vulnerability exists in the Interprocess Communication IPC of the Cisco AnyConnect Secure Mobility Client Hostscan module, which allows a local attacker to write and overwrite arbitrary files with elevat...

6.6CVSS6.8AI score0.00386EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/10/13 9:28 p.m.3 views

kernel: ipc: ipc_rcu_putref refcount races

A flaw was found in the way the ipcrcuputref function in the Linux kernel's IPC implementation handled reference counter decrementing. A local, unprivileged user could use this flaw to trigger an Out of Memory OOM condition and, potentially, crash the system...

4.9CVSS6.6AI score0.00489EPSS
Exploits1References4
OSV
OSV
added 2014/10/08 12:0 a.m.5 views

UBUNTU-CVE-2014-3188

Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in...

10CVSS7.7AI score0.0595EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2014/09/19 12:0 a.m.3 views

PT-2014-7805 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.16.3 Description: The issue allows remote CIFS servers to cause a denial of service, resulting in a NULL pointer dereference and client system crash, or possibly have unspecified other impact. This occurs when...

7.8CVSS7AI score0.06167EPSS
Exploits13References254
OSV
OSV
added 2014/08/27 1:55 a.m.4 views

UBUNTU-CVE-2014-3177

Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176...

10CVSS7.7AI score0.03883EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2011/10/16 12:0 a.m.15 views

FreeBSD Security Advisory (FreeBSD-SA-11:05.unix.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-11:05.unix.asc ADV FreeBSD-SA-11:05.unix.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-11:05.unix.asc Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft...

Exploits0
OpenVAS
OpenVAS
added 2011/10/16 12:0 a.m.7 views

FreeBSD Security Advisory (FreeBSD-SA-11:05.unix.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-11:05.unix.asc SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.4AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2011/07/18 9:1 p.m.5 views

system-config-firewall: privilege escalation flaw via use of python pickle

fwdbus.py in system-config-firewall 1.2.29 and earlier uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object...

7.8CVSS5.8AI score0.00421EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/07/01 6:0 p.m.6 views

kernel: tipc: Fix oops on send prior to entering networked mode

The Transparent Inter-Process Communication TIPC functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service kernel OOPS by sending datagrams through AFTIPC before entering network mode, which triggers a NULL pointer...

4.9CVSS5.8AI score0.00416EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2009/06/15 12:0 a.m.14 views

FreeBSD Security Advisory (FreeBSD-SA-09:09.pipe.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:09.pipe.asc ADV FreeBSD-SA-09:09.pipe.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-09:09.pipe.asc Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2009/06/14 12:0 a.m.37 views

FreeBSD Security Advisory FreeBSD-SA-09:09.pipe

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:09.pipe Security Advisory The FreeBSD Project Topic: Local information disclosure via direct pipe writes Category: core Module: kern Announced: 2009-06-10...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2007/10/04 12:0 a.m.46 views

iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability

Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability iDefense Security Advisory 10.02.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 02, 2007 I. BACKGROUND Solaris is a UNIX operating system developed by Sun Microsystems. More information can be found at the...

6.5AI score
Exploits0
RedHat Linux
RedHat Linux
added 2006/10/20 10:28 a.m.5 views

security flaw

Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bug...

2.1CVSS5.7AI score0.00411EPSS
Exploits0References4
myhack58
myhack58
added 2005/09/27 12:0 a.m.43 views

In W2K, elevated several attack instances of success or failure experiences-vulnerability and early warning-the black bar safety net

Speaking of the Virus are related to elevation of Privilege issues, the so-called elevation of privilege is the use of the system loopholes to obtain higher Privilege to. For example, you use the General user account to log on to Windows NT/Windows 2 0 0 0, You can only make a limited operation,...

7.9AI score
Exploits0
CVE
CVE
added 2005/06/28 4:0 a.m.46 views

CVE-2002-1883

CVE-2002-1883 affects Trolltech Qt Assistant 1.0 within Trolltech Qt 3.0.3 when loaded from the Designer, which opens port 7358 for interprocess communication. This enables remote attackers to open arbitrary HTML pages and cause a denial of service. The connected Red Hat and CVE records corrobora...

6.4CVSS7AI score0.01634EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2005/06/28 4:0 a.m.17 views

CVE-2002-1883

Trolltech Qt Assistant 1.0 in Trolltech Qt 3.0.3, when loaded from the Designer, opens port 7358 for interprocess communication, which allows remote attackers to open arbitrary HTML pages and cause a denial of service...

6.7AI score0.01634EPSS
Exploits0References4
Rows per page
Query Builder