4067 matches found
php-fpm Arbitrary File Creation Vulnerability
php-fpm is a FastCGI process manager for PHP. A security vulnerability exists in php-fpm. A local attacker can exploit this vulnerability to perform a symbolic link attack, write to arbitrary files or create arbitrary files...
Heap overflow
A kernel driver, namely DLMFENC.sys, bundled with the DESLock+ client application 4.8.16 and earlier contains a locally exploitable heap-based buffer overflow in the handling of an IOCTL message of type 0x0FA4204. The vulnerability is present due to the kernel driver failing to allocate sufficien...
Linux Kernel 'drivers/acpi/acpica/psobject.c' Local Information Disclosure Vulnerability
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local information disclosure vulnerability exists in the 'acpi_ps_complete_final_op' function in the drivers/acpi/acpica/psobject.c file in Linux kernel 4.12.9 and earlier, whic...
Hashicorp vagrant-vmware-fusion <= 4.0.20 - Local root Privilege Escalation Exploit
Exploit for macOS platform in category local exploits. I'm a big fan of Hashicorp but this is an awful bug to have in software of their calibre. Their vagrant plugin for vmware fusion uses a product called Ruby Encoder to protect their proprietary ruby code. It does this by turning the ruby code...
Digital Canal Structural Wind Analysis 9.1 Buffer Overflow
Vendor: Digital Canal Structural; Equipment: Wind Analysis; Vulnerability: Stack-Based Buffer Overflow; Advisory URL: https://ipositivesecurity.com/2017/06/15/ics-digital-canal-structural-wind-analysis-stack-buffer-overflow/; ICS-CERT Advisory: https://ics-cert.us-cert.gov/advisories/ICSA-17-157-02...
CVE-2016-4973
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature...
Vulnerability in the MediaTek driver for the Android operating system that allows an attacker to execute arbitrary code
The vulnerability of the MediaTek driver for the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code within the kernel context on the local host. This issue is considered “high” because it requires...
Recent Python Meterpreter Improvements
The Python Meterpreter has received quite a few improvements this year. In order to generate consistent results, we now use the same technique to determine the Windows version in both the Windows and Python instances of Meterpreter. Additionally, the native system language is now populated in the...
CVE-2017-8849
CVE-2017-8849 affects smb4k, a KDE SMB/CIFS share browser. A logic flaw in the mount helper binary (typically installed setuid) may allow a local user to execute arbitrary commands as root by abusing mount command handling. Public advisories (Debian DSA-3951-1, Mageia, Gentoo GLSA, Fedora package...
Vulnerability in the Linux operating system that allows an attacker to cause a denial of service or other effects
The vulnerability in the driver drivers/media/usb/dvb-usb-v2/dvb_usb_core.c of the Linux operating system arises from an operation that exceeds the bounds of a memory buffer. Exploiting this vulnerability could allow a malicious actor, operating locally, to improperly interact with the...
Intel Management Engine Insecure Read / Write Operations RCE (INTEL-SA-00075) (remote check)
The Intel Management Engine on the remote host has Active Management Technology (AMT) enabled, and according to its self-reported version in the banner, it is running Intel manageability firmware version 6.x prior to 6.2.61.3535, 7.x prior to 7.1.91.3272, 8.x prior to 8.1.71.3608, 9.0.x or 9.1.x...
CVE-2017-8418
CVE-2017-8418: RuboCop 0.48.1 and earlier fails to use /tmp safely, allowing local users to tamper with other users’ cache files. Affects RuboCop versions up to and including 0.48.1; the impact is local and limited to the cache. The provided documents describe the vulnerability but do not i...
CVE-2014-9680
CVE-2014-9680: sudo before 1.8.12 fails to sanitize the TZ environment variable, allowing a local attacker to bypass restrictions and potentially cause a denial of service or read/open unauthorized files via a sudo session. Connected advisories/docs corroborate local-execution impact and recomme...
CVE-2017-0563
An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing...
Privilege escalation
An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing th...
Vulnerability in the Linux operating system that allows an attacker to cause a denial of service
The vulnerability in the keyring_search_aux function in the Linux operating system’s security/keys/keyring.c file is related to pointer dereferencing errors. Exploiting this vulnerability could allow an attacker, operating locally, to cause a denial of service by dereferencing a null pointer through...
NixOS Local Elevation of Privilege Vulnerability
NixOS is a distribution of the Linux system. A security vulnerability exists in version 17.03 of NixOS prior to 17.03.887. A local attacker can exploit the vulnerability to gain privileges by executing the docker command...
Vulnerability in the Windows operating system that allows an attacker to elevate their privileges
The vulnerability in the Windows operating system’s kernel-mode drivers is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to elevate their privileges through a specially crafted application...
Vulnerability in the Windows operating system that allows an attacker to elevate their privileges
The vulnerability in the Windows operating system’s kernel-mode drivers is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating locally, to elevate their privileges through a specially crafted application...
CVE-2017-6459
The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes...