CVE-2019-9896
PuTTY (Windows) before version 0.71 is affected by CVE-2019-9896. An attacker could hijack the application by placing a malicious help file in the same directory as the PuTTY executable. OpenSUSE and Nessus references confirm this Windows‑only issue. The remediation is to upgrade to upstream rele...
CVE-2018-17483
CVE-2018-17483 affects Lobby Track Desktop in kiosk mode, where an error in Reports enables a local attacker viewing the driver’s license column to obtain driver’s license numbers and other personal information. The NVD entry confirms an information disclosure vulnerability with local access; the...
CUJO Smart Firewall dhcpd.conf verified boot bypass
Summary: An exploitable vulnerability exists in the verified boot protection of the CUJO Smart Firewall. It is possible to add arbitrary shell commands to the dhcpd.conf file that persist across reboots and firmware updates, and thus allow for executing unverified commands. To trigger this...
Intel Graphics Driver for Windows User Mode Driver Buffer Overflow Vulnerability
Intel Graphics Driver for Windows is an Intel graphics card driver for the Windows platform. User Mode Driver is one of the user mode drivers. A buffer overflow vulnerability exists in the User Mode Driver of the Intel Graphics Driver for Windows. A local attacker could exploit this vulnerability ...
CVE-2018-1980
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 154078...
CVE-2019-1613
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker coul...
CVE-2019-1604
CVE-2019-1604 affects Cisco NX-OS Software privilege escalation via an incorrect authorization check for user accounts and their GID. An authenticated, local attacker can exploit a logic error to run higher-privileged commands on the Linux shell of affected devices. Affected platforms and version...
Cisco WebEx Meetings Privilege Escalation
SecureAuth - SecureAuth Labs Advisory http://www.secureauth.com/ Cisco WebEx Meetings Elevation of Privilege Vulnerability Version 2 1. Advisory Information Title: Cisco WebEx Meetings Elevation of Privilege Vulnerability Version 2 Advisory ID: CORE-2018-0012 Advisory URL:...
CVE-2019-7006 Avaya one-X Communicator Weak Encryption
Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication component that could allow a local attacker to decrypt sensitive information. Affected versions include all 6.2.x versions prior to 6.2 SP13...
CVE-2019-5780
The CVE-2019-5780 entry refers to Google Chrome on macOS with insufficient restrictions on Apple Events before Chrome 72.0.3626.81, allowing a local attacker to execute JavaScript via Apple Events. Affects Chrome versions prior to the 72.0.3626.81 update. Root cause: insufficient restriction of A...
CVE-2019-3812
QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host...
Denial of Service (DoS)
libXfont is vulnerable to denial of service. A stack-based buffer overflow occurs when the libXfont library parses Glyph Bitmap Distribution Format (BDF) fonts with a long string in a character name. This allows a local attacker to crash the service or potentially execute arbitrary code with the...
CVE-2018-16888
It was discovered that systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this fl...
Linux: Mounting of udf filesystems
The udf filesystem type is the universal disk format used to implement ISO/IEC 13346 and ECMA-167 specifications. This is an open vendor filesystem type for data storage on a broad range of media. This filesystem type is necessary to support writing DVDs and newer optical disc formats. Removing...
ATool 1.0.0.22 Buffer Overflow
Exploit Title: Kernel Pool Buffer Overflow ATool - 1.0.0.22 0day CVE: CVE-2018-20331 Date: 21-12-2018 Software Link: http://www.antiy.net/ Exploit Author: Aloyce J. Makalanga Contact: https://twitter.com/aloycemjr Vendor Homepage: http://www.antiy.net/ Category: Windows Attack Type: local...
PCRE 8.41 Buffer Overflow
Buffer Overflow in function match PCRE 8.41 CVE-2017-16231 Product Download: https://sourceforge.net/projects/pcre/files/pcre/ Vulnerability Type: Buffer Overflow Attack Type: local Vulnerability Description: a pcretest load test PoC produces a crash overflow in the function match in pcre_exec.c...
Code injection
eScan Agent Application MWAGENT.EXE 4.0.2.98 in MicroWorld Technologies eScan 14.0 allows remote or local attackers to execute arbitrary commands by sending a carefully crafted payload to TCP port 2222...
CVE-2018-1000876
binutils version 2.32 and earlier contains an Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound, bfd_canonicalize_dynamic_reloc that can result in an integer overflow triggering a heap overflow. Successful exploitation allows execution of arbitrary code. This attack appears to be...
PT-2018-3886 · D Link · D-Link 825L +1
Name of the Vulnerable Software and Affected Versions: D-Link myDlink Baby App version 2.04.06 D-Link 825L firmware 1.08 Description: The issue concerns the communication between the myDlink Baby App and the D-Link 825L Wi-Fi camera, where credentials, including username and password, are sent in...
CVE-2018-16883
sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers...