CVE-2022-22750

By generally accepting and passing resource handles across processes, a compromised content process might have confused higher privileged processes to interact with handles that the unprivileged process should not have access to. This bug only affects Firefox for Windows and MacOS. Other operatin...

CVE-2002-2042

ptrace in the QNX realtime operating system RTOS 4.25 and 6.1.0 allows programs to attach to privileged processes, which could allow local users to execute arbitrary code by modifying running processes...

UBUNTU-CVE-2025-46805

Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root...

[SECURITY] Fedora 38 Update: polkit-122-3.fc38.1

polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes...

SUSE CVE-2018-6080

Lack of access control checks in Instrumentation in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to obtain memory metadata from privileged processes...

SUSE CVE-2022-22750

By generally accepting and passing resource handles across processes, a compromised content process might have confused higher privileged processes to interact with handles that the unprivileged process should not have access to.This bug only affects Firefox for Windows and MacOS. Other operating...

Moderate: Red Hat Security Advisory: polkit security update

An update for polkit is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

RLSA-2022:1546 Moderate: polkit security update

The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Security Fixes: polkit: file descriptor leak allows an unprivileged user to cause a crash...

Fedora: Security Advisory for polkit (FEDORA-2022-5e6d5fe680)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: polkit-0.120-1.fc35.2

polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes...

[SECURITY] Fedora 34 Update: polkit-0.117-3.fc34.2

polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes...

Google Android 安全漏洞

Android is a Linux-based open source operating system developed by Google Inc. and the Open Handset Alliance OHA. an elevation of privilege vulnerability exists in the Framework component of Google Android. An attacker could exploit this vulnerability to execute arbitrary code in the context of a...

kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent

A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process...

Fedora: Security Advisory for polkit (FEDORA-2021-3f8d6016c9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-1528

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges on an affected system. This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this...

A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process.

...

DEBIAN-CVE-2020-35508

A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process...

AZL-6528 CVE-2020-35508 affecting package kernel for versions less than 5.10.78.1-1

A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process...

CVE-2020-10140

Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. Because some privileged processes are executed from the C:\ProgramData\Acronis, an unprivileged user can achieve arbitrary code execution with SYSTEM privileges by placing a DLL in one of several paths...

Code injection

Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. Because some privileged processes are executed from the C:\ProgramData\Acronis, an unprivileged user can achieve arbitrary code execution with SYSTEM privileges by placing a DLL in one of several paths...