Coral 安全漏洞

coral is an open source project. Improve the community on your website through smart technology, effective design, and efficient strategy. A security vulnerability exists in Coral Talk 4 versions prior to 4.12.1, which stems from the use of incorrect data types for program privilege checking, and...

Google Android elevation of privilege vulnerability (CNVD-2021-43383)

Google Android is a Linux-based open source operating system from the Google Open Handheld Alliance Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability is caused due to a privilege checking error in the memory management driver. An attacker could exploit...

SUSE: Security Advisory (SUSE-SU-2018:2976-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the Google Open Handheld Alliance Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability is caused due to a privilege checking error in the memory management driver. An attacker could exploit...

CloudBees Jenkins Config File Provider Plugin Privilege Checking Vulnerability (CNVD-2021-31659)

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Config File Provider Plugin is used in one of...

Jenkins Config File Provider Plugin 安全漏洞

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Config File Provider Plugin is used in one of...

MediaTek netdiag Information Disclosure Vulnerability

MediaTek netdiag is an application chip from MediaTek China. Improved processing capabilities. A security vulnerability exists in MediaTek netdiag. The vulnerability stems from a lack of privilege checking and could lead to the disclosure of local information with required system execution...

Google Android 安全特征问题漏洞

Google Android is a Linux-based open source operating system from the USGoogleOpen Handheld Alliance Google. Google Android/Pixel has a security vulnerability that stems from a lack of privilege checking in Telephony, which could bypass privileges. This could lead to local privilege escalation...

JetBrains TeamCity Improper Privilege Checking Vulnerability (CNVD-2021-09319)

TeamCity is a Java-based build management and continuous integration server from JetBrains. JetBrains TeamCity versions prior to 2020.2.1 are vulnerable to improper privilege checking during token deletion. No details of the vulnerability are provided at this time...

JetBrains TeamCity 安全漏洞

TeamCity is a Java-based build management and continuous integration server from JetBrains. JetBrains TeamCity versions prior to 2020.2.1 are vulnerable to improper privilege checking during user deletion. No details of the vulnerability are provided at this time...

Google Android actory reset protection privilege checking vulnerability

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A privilege checking vulnerability exists in Android-11 version factory reset protection. The vulnerability stems from a lack of privilege checking, which allows an attacker to bypass the FRP,...

FreeBSD : FreeBSD -- Insufficient oce(4) ioctl(2) privilege checking (3c10ccdf-6a09-11ea-92ab-00163e433440)

The driver-specific ioctl2 command handlers in oce4 failed to check whether the caller has sufficient privileges to perform the corresponding operation. Impact : The oce4 handler permits unprivileged users to send passthrough commands to device firmware. C Tenable Network Security, Inc. The...

FreeBSD : FreeBSD -- Insufficient ixl(4) ioctl(2) privilege checking (b2b83761-6a09-11ea-92ab-00163e433440)

The driver-specific ioctl2 command handlers in ixl4 failed to check whether the caller has sufficient privileges to perform the corresponding operation. Impact : The ixl4 handler permits unprivileged users to trigger updates to the device's non-volatile memory NVM. C Tenable Network Security, Inc...

FreeBSD -- Insufficient oce(4) ioctl(2) privilege checking

Problem Description: The driver-specific ioctl2 command handlers in oce4 failed to check whether the caller has sufficient privileges to perform the corresponding operation. Impact: The oce4 handler permits unprivileged users to send passthrough commands to device firmware...

FreeBSD-SA-20:05.if_oce_ioctl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:05.ifoceioctl Security Advisory The FreeBSD Project Topic: Insufficient oce4 ioctl2 privilege checking Category: core Module: oce4 Announced: 2020-03-19...

FreeBSD-SA-20:06.if_ixl_ioctl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:06.ifixlioctl Security Advisory The FreeBSD Project Topic: Insufficient ixl4 ioctl2 privilege checking Category: core Module: ixl4 Announced: 2020-03-19...

FreeBSD -- Insufficient ixl(4) ioctl(2) privilege checking

Problem Description: The driver-specific ioctl2 command handlers in ixl4 failed to check whether the caller has sufficient privileges to perform the corresponding operation. Impact: The ixl4 handler permits unprivileged users to trigger updates to the device's non-volatile memory NVM...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1004)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2019-1087)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Unspecified Vulnerability in CloudBees Jenkins Support Core Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software release/testing projects and some of the timed tasks . Support Core Plugin is used in one of them to...