Lucene search
K

473 matches found

NVD
NVD
added 2018/05/04 5:29 p.m.22 views

CVE-2018-10739

An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPCSafe.exe allows local users to bypass intended process protections, and consequently terminate process, because WMSYSCOMMAND is not properly considered...

5.5CVSS5.4AI score0.00357EPSS
Exploits1References1
Prion
Prion
added 2018/05/04 5:29 p.m.20 views

Design/Logic Flaw

An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPCSafe.exe allows local users to bypass intended process protections, and consequently terminate process, because WMSYSCOMMAND is not properly considered...

2.1CVSS5.4AI score0.00357EPSS
Exploits1References1Affected Software1
FireEye
FireEye
added 2018/02/15 4:30 p.m.170 views

CVE-2017-10271 Used to Deliver CryptoMiners: An Overview of Techniques Used Post-Exploitation and Pre-Mining

Introduction FireEye researchers recently observed threat actors abusing CVE-2017-10271 to deliver various cryptocurrency miners. CVE-2017-10271 is a known input validation vulnerability that exists in the WebLogic Server Security Service WLS Security in Oracle WebLogic Server versions 12.2.1.2.0...

9.3CVSS8.6AI score0.99993EPSS
Exploits100References4
CNVD
CNVD
added 2018/02/05 12:0 a.m.2 views

Damon database suffers from an override modification process vulnerability (CNVD-2018-03645)

DM7 is a new-generation database product designed by Damon on the basis of summarizing the R&D and application experience of DM series products, absorbing the advantages of mainstream database products, and adopting JAVA-like virtual machine technology. DM7 database has the loophole of oversteppi...

6.8AI score
Exploits0
CNVD
CNVD
added 2017/10/10 12:0 a.m.2 views

Kannel Arbitrary Process Termination Vulnerability

Kannel is an open source WAP and SMS gateway from the Kannel team. A security vulnerability exists in Kannel 1.5.0 and earlier versions, which stems from a program that creates a PID file after downgrading an account to a non-root account. A local attacker can exploit the vulnerability to termina...

7.8CVSS7.3AI score0.00407EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2017/09/13 4:48 p.m.20 views

CVE-2016-3104

mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a denial of service memory consumption and process termination by leveraging in-memory database representation when authenticating against a non-existent database...

7.5CVSS5.2AI score0.02489EPSS
Exploits0References1
OSV
OSV
added 2017/08/23 9:29 p.m.2 views

CVE-2017-13649

UnrealIRCd 4.0.13 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname" command. NOTE: t...

5.5CVSS6AI score0.00284EPSS
Exploits0References2
OSV
OSV
added 2017/07/30 4:29 p.m.5 views

CVE-2017-11746

Tenshi 0.15 creates a tenshi.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tenshi.pid modification before a root script executes a "kill cat /pathname/tenshi.pid" command...

7.5CVSS7.4AI score
Exploits0References2
OSV
OSV
added 2017/07/30 4:29 p.m.2 views

DEBIAN-CVE-2017-11747

main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a...

5.5CVSS6.7AI score0.00292EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/04/14 6:59 p.m.20 views

CVE-2016-3104

mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a denial of service memory consumption and process termination by leveraging in-memory database representation when authenticating against a non-existent database...

7.5CVSS7.1AI score0.02489EPSS
Exploits0References2
OSV
OSV
added 2017/04/14 6:59 p.m.13 views

CVE-2016-3104

mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a denial of service memory consumption and process termination by leveraging in-memory database representation when authenticating against a non-existent database...

7.5CVSS6.8AI score
Exploits0References3
Debian CVE
Debian CVE
added 2017/04/14 6:0 p.m.38 views

CVE-2016-3104

Removed by vendor...

7.5CVSS7.6AI score0.02489EPSS
Exploits0
Packet Storm
Packet Storm
added 2017/03/30 12:0 a.m.40 views

Linux Kernel (Ubuntu 14.04 LTS) SIGIO Signal

Title: Linux Kernel Ubuntu 14.04 LTS - Send a SIGIO Signal to process + Credits / Discovery: Nassim Asrir + Author Email: [email protected] || https://www.linkedin.com/in/nassim-asrir-b73a57122/ + Author Company: Henceforth + CVE: CVE-2017-7319 Vulnerable Version: =================== Kernel:...

Exploits1
Cvelist
Cvelist
added 2017/03/17 10:0 p.m.25 views

CVE-2017-3879

A Denial of Service vulnerability in the remote login functionality for Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to...

5.3AI score0.02048EPSS
Exploits0References3
NVD
NVD
added 2017/02/13 9:59 p.m.17 views

CVE-2016-8344

An issue was discovered in Honeywell Experion Process Knowledge System PKS platform: Experion PKS, Release 3xx and prior, Experion PKS, Release 400, Experion PKS, Release 410, Experion PKS, Release 430, and Experion PKS, Release 431. Experion PKS does not properly validate input. By sending a...

4.3CVSS4.1AI score0.01546EPSS
Exploits0References2
CVE
CVE
added 2017/02/13 9:0 p.m.46 views

CVE-2016-8344

CVE-2016-8344 affects Honeywell Experion PKS (Release 3xx and prior; 400, 410, 430, 431) where input is not properly validated. A specially crafted packet could cause the process to terminate, and a successful exploit would prevent firmware uploads to Series-C devices. Exploitation is listed as r...

4.3CVSS4.3AI score0.01546EPSS
Exploits0References2Affected Software1
Exploit DB
Exploit DB
added 2017/01/29 12:0 a.m.47 views

Linux - Multi/Dual mode execve("/bin/sh", NULL, 0) Shellcode (37 bytes)

Linux - Multi/Dual mode execve"/bin/sh", NULL, 0 Shellcode 37 bytes. Shellcode exploit for Linux platform / Copyright © 2017 Odzhan. All Rights Reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:...

7.4AI score
Exploits0
Lenovo
Lenovo
added 2017/01/19 12:0 a.m.3 views

LEN-7814 Lenovo Solution Center Arbitrary Process Termination or Code Execution by Unprivileged Local Users - Lenovo Support MY

No description provided...

6.5AI score
Exploits0
NVD
NVD
added 2016/10/13 2:59 p.m.19 views

CVE-2016-3638

SAP SLD Registration Program aka SLDREG allows local users to cause a denial of service memory corruption and process termination via a crafted HOST parameter, aka SAP Security Note 2125623...

5.5CVSS5.5AI score0.00495EPSS
Exploits0References5
CVE
CVE
added 2016/10/13 2:0 p.m.41 views

CVE-2016-3638

SAP SLD Registration Program (SLDREG) is the affected component. The issue enables a local attacker to cause a denial of service via a crafted HOST parameter, due to memory corruption and process termination. The root cause is the handling of the HOST parameter within SLDREG. The impact is a loca...

5.5CVSS5.4AI score0.00495EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder