674 matches found
Memory corruption
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox 118...
UBUNTU-CVE-2023-5168
A compromised content process could have provided malicious data to FilterNodeD2D1 resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This bug only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects...
CVE-2023-5173
In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic possibly under influence of a local unprivileged webpage, leading to an out-of-bounds write to privileged process memory. This bug only affects Firefox if a non-standard preference allowin...
CVE-2023-5170
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox 118...
CVE-2023-5169
A compromised content process could have provided malicious data in a PathRecording resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3...
CVE-2023-5169
A compromised content process could have provided malicious data in a PathRecording resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3...
CVE-2023-5168
A compromised content process could have provided malicious data to FilterNodeD2D1 resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This bug only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects...
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox that stems from a memory leak in the presence of a privileged process...
xrdp -- unchecked access to font glyph info
xrdp team reports: Access to the font glyphs in xrdppainter.c is not bounds-checked. Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The vulnerability allows an out-of-bounds read within a potentially privileged process. On...
Mozilla Thunderbird < 115.3
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 115.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-43 advisory. - Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs...
Mozilla Thunderbird < 115.3
The version of Thunderbird installed on the remote Windows host is prior to 115.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-43 advisory. - Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed...
Mozilla Firefox < 118.0
The version of Firefox installed on the remote Windows host is prior to 118.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-41 advisory. - Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidenc...
Mozilla Firefox < 118.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 118.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-41 advisory. - Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs show...
RUSTSEC-2023-0018 Race Condition Enabling Link Following and Time-of-check Time-of-use (TOCTOU)
The removedirall crate is a Rust library that offers additional features over the Rust standard library fs::removedirall function. It was possible to trick a privileged process doing a recursive delete in an attacker controlled directory into deleting privileged files, on all operating systems. F...
K12130880: BIG-IP APM client for Linux and macOS vulnerability CVE-2018-15332
Security Advisory Description The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host in a race condition. CVE-2018-15332 Impact A...
K54431371: BIG-IP APM client for Linux and macOS vulnerability CVE-2018-5546
Security Advisory Description The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. CVE-2018-5546 Impact A...
SUSE CVE-2016-8405
An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising ...
SUSE CVE-2017-0627
An information disclosure vulnerability in the kernel UVC driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...
SUSE CVE-2019-11483
Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user...
SUSE CVE-2019-15790
Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through getpidinfo in data/apport. An unprivileged user could exploit this to read information about a privileged...