Vulnerabilities of the Debian GNU/Linux operating system that allow a local malicious individual to compromise the integrity of protected information

The mgetty-voice package for the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to a breach of the integrity of protected information. These vulnerabilities can be exploited by local malicious individuals...

The vulnerability of the OpenSUSE operating system allows attackers to compromise the confidentiality of protected information.

The vulnerability of the kdebase3-kdm package in the OpenSUSE operating system can lead to a violation of the confidentiality of protected information. This vulnerability can be exploited locally...

The vulnerability of the CentOS operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the rtkit-debuginfo-0.5 package of the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploiting this vulnerability can be carried out locally...

The vulnerability of the Red Hat Linux operating system, which allows a malicious individual to compromise the confidentiality of protected information

The vulnerability of the glibc-devel-2.2 package in the Red Hat Linux operating system can lead to a violation of the confidentiality of protected information. This vulnerability can be exploited locally...

The vulnerability of the CentOS operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the spice-gtk-0.14 package on the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited locally...

The vulnerability of the CentOS operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the sblim-cmpi-fsvol-test-1.4.4 package of the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploiting this vulnerability can be carried out locally...

Lenovo USB Enhanced Performance Keyboard Information Disclosure Vulnerability

Lenovo USB Enhanced Performance Keyboard is an enhanced USB keyboard from Lenovo China. A security vulnerability exists in the Lenovo USB Enhanced Performance Keyboard software prior to version 2.0.2.2, which originates from the inclusion of modulation code in the SKHOOKS.DLL file. A local attack...

xaviershay-dm-rails Gem for Ruby exposes sensitive information via the process table

xaviershay-dm-rails Gem for Ruby contains a flaw in the execute function in /datamapper/dm-rails/blob/master/lib/dm-rails/storage.rb. The issue is due to the function exposing sensitive information via the process table. This may allow a local attack to gain access to MySQL credential information...

VeryPhoto v3.0 iOS - Command Injection Vulnerability

Document Title: =============== VeryPhoto v3.0 iOS - Command Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1401 Release Date: ============= 2015-01-13 Vulnerability Laboratory ID VL-ID: ==================================== 1401...

ZTE Datacard MF180 Privilege Escalation / DLL Hijacking

/ Exploit Title:ZTE Datacard MF180 PCWTNZNZLMF180V1.0.0B02 Telecom MF180 Modem Insecure Permissions Local Privilege Escalation & PoC Local crash & Path Subversion Arbitrary DLL Injection Code Execution mmsdllr.dll Date: 10/01/2015 Author: Hadji Samir [email protected] Link...

MGASA-2014-0461 Updated hawtjni packages fix security vulnerability

The HawtJNI Library class wrote native libraries to a predictable file name in /tmp/ when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJ...

PayPal Inc #90 PM - Buffer Overflow Vulnerability

Document Title: =============== PayPal Inc 90 PM - Buffer Overflow Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=940 http://www.vulnerability-lab.com/getcontent.php?id=1274 Release Date: ============= 2014-10-02 Vulnerability Laboratory I...

Apple iOS v7.1.2 - (Merge Apps) Bypass Vulnerability

Document Title: =============== Apple iOS v7.1.2 - Merge Apps Bypass Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1280 Video: http://www.vulnerability-lab.com/getcontent.php?id=1281 Vulnerability Magazine:...

F-Secure Key Plaintext Information Disclosure (Mac OS X)

The version of F-Secure Key installed on the remote Mac OS X host is older than 1.5.146. It is, therefore, affected by an unspecified error that could allow a local attacker to dump the contents of memory and obtain sensitive plaintext information. C Tenable Network Security, Inc...

Cisco Small Business SPA300 and SPA500 Series IP Phones Local Code Execution Vulnerability

A vulnerability in the Cisco Small Business SPA300 and SPA500 Series IP Phones could allow an unauthenticated, local attacker to access the debug shell and file system of the affected device. The vulnerability is due to insufficient authentication implementation in the debug console interface. An...

IBM DB2 db2govd Command Line Argument Local Overflow

No description provided by source. source: http://www.securityfocus.com/bid/8990/info IBM DB2 has been reported to be prone to multiple buffer overflow vulnerabilities that present themselves in binaries that are shipped with DB2. The vulnerabilities are likely caused due to a lack of sufficient...

Linux Kernel 2.4.x/2.6.x Bluetooth Signed Buffer Index Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/12911/info A local signed-buffer-index vulnerability affects the Linux kernel because it fails to securely handle signed values when validating memory indexes. A local attacker may leverage this issue to gain escalated...

FreeBSD 3.3 angband Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/840/info The version angband shipped with FreeBSD 3.3-RELEASE is vulnerable to a local buffer overflow attack. Since it is setgid games, a compromise of files and directories owned by group games is possible. / FreeBSD 3....

SoftiaCom WMailserver 1.0 - Local Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14212/info SoftiaCom WMailserver is prone to a local information disclosure vulnerability. The application stores passwords in the windows registry. A local attacker may exploit this issue to disclose potentially sensitiv...

HP-UX 10.x stmkfont Alternate Typeface Library Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/6836/info A buffer overflow vulnerability has been reported in the stmkfont utility shipped with HP-UX systems. The problem occurs due to insufficient bounds checking on user-suplied data to the alternate typeface library...