211 matches found
PT-2025-38638
Name of the Vulnerable Software and Affected Versions Starch versions 0.14 and earlier Description Starch generates session IDs insecurely. The default session ID generator returns a SHA-1 hash seeded with a counter, the epoch time, the built-in rand function, the PID, and internal Perl reference...
Linux Distros Unpatched Vulnerability : CVE-2017-14610
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might...
CVE-2025-9934
A vulnerability was found in TOTOLINK X5000R 9.1.0cu.2415B20250515. This affects the function sub410C34 of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument pid results in command injection. Remote exploitation of the attack is possible. The exploit has been made public and...
FreeBSD : p5-Authen-SASL -- Insecure source of randomness (defe9a20-781e-11f0-97c4-40b034429ecf)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the defe9a20-781e-11f0-97c4-40b034429ecf advisory. p5-Authen-SASL project reports: Authen::SASL::Perl::DIGESTMD5 versions 2.04 through 2.1800 for Perl...
DEBIAN-CVE-2025-40924
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...
UBUNTU-CVE-2025-40924
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...
UBUNTU-CVE-2025-40923
Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if i...
PT-2025-6417 · Amd +1 · Amd Crash Defender +1
Name of the Vulnerable Software and Affected Versions: AMD Crash Defender affected versions not specified Description: The issue is related to improper input validation in AMD Crash Defender, which could allow an attacker to provide the Windows system process ID to a kernel-mode driver. This coul...
AMD Graphics Driver 输入验证错误漏洞
AMD Graphics Driver is an integrated graphics driver from UltraMicroelectronics AMD. AMD Graphics Driver suffers from an input validation error vulnerability that stems from incorrect input validation could allow an attacker to provide the Windows® system process ID to the kernel-mode driver, whi...
PT-2024-38682 · Unknown · Sensei Mac Cleaner
Name of the Vulnerable Software and Affected Versions: Sensei Mac Cleaner affected versions not specified Description: The issue allows an attacker to perform multiple operations as the root user, including arbitrary file deletion and writing, loading and unloading daemons, manipulating file...
Vivo Fibra Askey RTF8225VW Command Execution
--- Exploit 1 Documentation on the Vivo Fibra Modem Exploit I discovered an exploit that allows access to the sh shell on the Vivo Fibra modem. This method essentially involves terminating the aspsh shell and invoking sh using the output of cat /dev/null. Using the pipe | is crucial for this...
Apache bRPC 输入验证错误漏洞
Apache bRPC is the United States Apache Apache Foundation's industrial-grade RPC framework for building reliable and high-performance services. An input validation error vulnerability exists in Apache bRPC that stems from improper input validation in the product and can be exploited by an attacke...
Shimo VPN 授权问题漏洞
Shimo VPN is a VPN Virtual Private Network software for macOS platform. Mailbutler GmbH Shimo VPN Client for macOS version v5.0.4 suffers from a security vulnerability that stems from a vulnerability in the help tool that allows attackers to bypass authentication via PID reuse...
SUSE CVE-2011-1784
The pidfilewrite function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the 1 keepalived.pid, 2 checkers.pid, and 3 vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files...
SUSE CVE-2014-1832
Phusion Passenger 4.0.37 allows local users to write to certain files and directories via a symlink attack on 1 controlprocess.pid or a 2 generation- file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1831...
SUSE CVE-2017-14159
slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname" command, ...
SUSE CVE-2019-2389
Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue affects MongoDB Server v4.0 versions prior to 4.0.11;...
SUSE CVE-2019-15790
Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through getpidinfo in data/apport. An unprivileged user could exploit this to read information about a privileged...
SUSE CVE-2020-15702
TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed process, which can then be used to escalate...
SUSE CVE-2020-28935
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for...