499 matches found
CVE-2018-7716
PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability with its com.privat.vpn.helper privileged helper tool. This privileged helper tool implements an XPC service that allows arbitrary installed applications to connect and send messages. The XPC service extracts the...
CVE-2018-7715
PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability with its com.privat.vpn.helper privileged helper tool. This privileged helper tool implements an XPC service that allows arbitrary installed applications to connect and send messages. The XPC service extracts the...
CVE-2018-7715
CVE-2018-7715 affects PrivateVPN 2.0.31 for macOS via the com.privat.vpn.helper XPC service. The XPC interface allows arbitrary installed apps to connect and send a message containing a path string intended to point to PrivateVPN’s internal openvpn binary. If no connection has been established ye...
CVE-2018-7493
CVE-2018-7493 affects CactusVPN for macOS (version 6.0 and earlier) via a privileged helper tool. The tool exposes an XPC interface that allows arbitrary applications to execute system commands as root, enabling root privilege escalation. Connected sources (CNVD/NVD entries) corroborate the root-...
CVE-2018-7281
CactusVPN 5.3.6 for macOS contains a root privilege escalation vulnerability through a setuid root binary called runme. The binary takes a single command line argument and passes this argument to a system call, thus allowing low privileged users to execute commands as root...
CVE-2018-7311
PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability. The software installs a privileged helper tool that runs as the root user. This privileged helper tool is installed as a LaunchDaemon and implements an XPC service. The XPC service is responsible for handling new...
CVE-2018-7281
CactusVPN 5.3.6 for macOS contains a root privilege escalation vulnerability through a setuid root binary called runme. The binary takes a single command line argument and passes this argument to a system call, thus allowing low privileged users to execute commands as root...
CVE-2018-7281
CVE-2018-7281 affects CactusVPN 5.3.6 for macOS . A setuid root binary named runme takes a single command line argument and passes it to a system() call, enabling a low-privileged user to execute commands with root privileges . This is a root privilege escalation vulnerability. The provided docum...
macOS Kernel - Use-After-Free Due to Lack of Locking in AppleEmbeddedOSSupportHostClient::registerNotificationPort
macOS Kernel - Use-After-Free Due to Lack of Locking in AppleEmbeddedOSSupportHostClient::registerNotificationPort / AppleEmbeddedOSSupportHost.kext is presumably involved in the communication with the OS running on the touch bar on new MBP models. Here's the userclient's registerNotificationPort...
CVE-2017-14179
Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers...
Hashicorp vagrant-vmware-fusion 4.0.24 - Local root Privilege Escalation Exploit
Exploit for macOS platform in category local exploits I have previously disclosed a couple of bugs in Hashicorp's vagrant-vmware-fusion plugin for vagrant. Unfortunately the 4.0.23 release which was supposed to fix the previous bug I reported didn't address the issue, so Hashicorp quickly put out...
macOS High Sierra - Root Privilege Escalation (CVE-2017-13872)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mac OS X Root Privilege Escalation', 'Description' = %q This module exploits a serious flaw in MacOSX High Sierra. Any user can login with user...
Mac OS X Root Privilege Escalation
This module exploits a serious flaw in MacOSX High Sierra. Any user can login with user "root", leaving an empty password. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mac OS X Root Privileg...
Design/Logic Flaw
The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted postinstall.sh file that will be executed with "root" privileges...
Debian DSA-4023-1 : slurm-llnl - security update
Ryan Day discovered that the Simple Linux Utility for Resource Management SLURM, a cluster resource management and job scheduling system, does not properly handle SPANK environment variables, allowing a user permitted to submit jobs to execute code as root during the Prolog or Epilog. All systems...
SchedMD Slurm Elevation of Privilege Vulnerability
SchedMD Slurm is SchedMD's open source and highly scalable cluster management and job scheduling system for large and small Linux clusters. A security vulnerability exists in SchedMD Slurm versions prior to 16.05.11, 17.x versions prior to 17.02.9, and 17.11.x versions prior to 17.11.0rc2. An...
Sera 1.2 Local Root / Password Disclosure
Sera is a free app for mac and iOS that lets you unlock your mac automatically when your iphone is within a configured proximity. Unfortunately to facilitate this it stores the users login password in their home directory at: /Library/Preferences/no.ignitum.SeraOSX.plist This makes root privilege...
UBUNTU-CVE-2017-15566
Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution...
D-link ten vulnerabilities 0Day studies attach detailed procedures-vulnerability warning-the black bar safety net
Security researcher Pierre Kim recently revealed the D-Link DIR 850LAC1200-Type Dual-Band Gigabit cloud router is exposed 10 a safety score comprisesXSSattack invasion, shortage of proper firmware cover, back door and root mention the right. Here are 10 Safety scores are: Firmware to. The firmwar...
Code injection
syscheck/seechanges.c in OSSEC 2.7 through 2.8.1 on NIX systems allows local users to execute arbitrary code as root...