81 matches found
SUSE-SU-2019:13976-1 Security update for supportutils
This update for supportutils fixes the following issues: Security vulnerabilities fixed: - CVE-2018-19636: Local root exploit via inclusion of attacker controlled shell script bsc1117751 - CVE-2018-19640: Users can kill arbitrary processes bsc1118463 - CVE-2018-19638: User can overwrite arbitrary...
Code injection
AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI formerly InTouch Machine Edition prior to Version 2017 Update. An unauthenticated remote user could use a specially crafted database connection configuration file to execute an arbitrary process on the server...
CVE-2019-6545
AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI formerly InTouch Machine Edition prior to Version 2017 Update. An unauthenticated remote user could use a specially crafted database connection configuration file to execute an arbitrary process on the server...
CVE-2019-6545
AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI formerly InTouch Machine Edition prior to Version 2017 Update. An unauthenticated remote user could use a specially crafted database connection configuration file to execute an arbitrary process on the server...
Stack overflow
InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI formerly InTouch Machine Edition versions prior to 2017 SP2. A remote attacker could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read...
CVE-2017-14102
MIMEDefang 2.80 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname" command, as...
CVE-2017-9769
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process...
CVE-2017-9769
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process...
CVE-2017-9769
CVE-2017-9769 affects Razer Synapse, where a crafted IOCTL sent to the rzpnk.sys driver is forwarded to ZwOpenProcess, allowing opening a handle to an arbitrary process and enabling local privilege escalation. Public materials describe reading/writing memory and potential code execution via a hoo...
CVE-2017-9769
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process...
CVE-2017-9769
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process. Recent assessments: zeroSteiner at November 21, 2019 11:14pm UTC reported: Analysis The Razer rzpnk.sys driver...
CVE-2017-11747
CVE-2017-11747 affects Tinyproxy (1.8.4 and older): main.c creates /run/tinyproxy/tinyproxy.pid after dropping privileges to a non-root account, allowing local users to modify the PID file and potentially kill the process via a root script that executes kill cat /run/tinyproxy/tinyproxy.pid. Seve...
Microsoft Windows - COM Session Moniker Privilege Escalation (MS17-012) Exploit
Exploit for windows platform in category local exploits / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1021 Windows: COM Session Moniker EoP Platform: Tested on Windows 10 14393, Server 2012 R2 Class: Elevation of Privilege Summary: When activating an object using the session...
Microsoft Windows - COM Session Moniker Privilege Escalation (MS17-012)
Microsoft Windows - COM Session Moniker Privilege Escalation MS17-012 / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1021 Windows: COM Session Moniker EoP Platform: Tested on Windows 10 14393, Server 2012 R2 Class: Elevation of Privilege Summary: When activating an object usi...
LEN-7814 Lenovo Solution Center Arbitrary Process Termination or Code Execution by Unprivileged Local Users - Lenovo Support MY
No description provided...
Interpretation of the Lenovo preinstalled programs LSC of the three CVE high-risk vulnerabilities-vulnerability warning-the black bar safety net
! Lenovo PC comes with the program Lenovo Solution Center LSC once in the last year was broke serious security issues. Recently, the program of the plurality of security lead to a three CVE high-risk vulnerabilities three vulnerabilities allow the attacker to achieve providing the right to operat...
kernel: partial ASLR bypass through TLS base addresses leak
An information leak flaw was found in the way the Linux kernel changed certain segment registers and thread-local storage TLS during a context switch. A local, unprivileged user could use this flaw to leak the user space TLS base address of an arbitrary process...
gollum-grit_adapter Search Functionality Allows Arbitrary Command Execution
The gollum-gritadapter gem contains a flaw that can allow arbitrary command execution. Grit implements its search functionality by shelling out to git grep. In turn, git grep takes a -O or --open-files-in-pages option that will pipe the results of grep to an arbitrary process. By failing to...
Mandriva Linux Security Advisory : python (MDVSA-2014:135)
Updated python and python-simplejson package fixes security vulnerability Python are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the json module caused by insufficient bounds checking. The bug is caused by allowing the user to supply a negative value tha...
Updated python & python3 packages fix two vulnerabilities
Updated python and python3 packages fix security vulnerabilities: Python 2 and 3 are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the json module caused by insufficient bounds checking. The bug is caused by allowing the user to supply a negative value tha...