Lucene search
K

81 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

QNX 6.x 'ptrace()' Arbitrary Process Modification Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4919/info The QNX implementation of 'ptrace' is reportedly insecure. An unprivileged process may attach to a setuid program without restriction. Since the attaching process may view or edit memory, an attacker may exploit...

7.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2014/06/26 12:0 a.m.41 views

CVE-2014-4616

Array index error in the scanstring function in the json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the rawdecode function...

5.9CVSS6.9AI score0.08125EPSS
Exploits1References2
Hacker One
Hacker One
added 2014/05/16 11:14 p.m.58 views

Internet Bug Bounty: Python vulnerability: reading arbitrary process memory

Python 2 and 3 are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the json module caused by insufficient bounds checking. The sole prerequisites of this attack are that the attacker is able to control or influence the two parameters of the default scanstrin...

4.3CVSS6.4AI score0.08125EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2013/01/08 4:10 a.m.62 views

Low: Red Hat Security Advisory: OpenIPMI security, bug fix, and enhancement update

Updated OpenIPMI packages that fix one security issue, multiple bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which give...

3.6CVSS6.1AI score0.00434EPSS
Exploits0References7
Prion
Prion
added 2011/02/23 7:0 p.m.18 views

Directory traversal

The setup scripts in 389 Directory Server 1.2.x aka Red Hat Directory Server 8.2.x, when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial of service daemon outage or arbitrary process termination by...

4.7CVSS6.9AI score0.00294EPSS
Exploits0References4Affected Software2
Prion
Prion
added 2011/02/18 8:0 p.m.20 views

Design/Logic Flaw

The taskshowregs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/...

2.1CVSS6.5AI score0.00403EPSS
Exploits0References10Affected Software1
securityvulns
securityvulns
added 2008/07/29 12:0 a.m.55 views

iDefense Security Advisory 07.28.08: Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability

iDefense Security Advisory 07.28.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 28, 2008 I. BACKGROUND Hewlett-Packard's Internet Services provides end-user emulation of major business applications and a single integrated view of the Internet infrastructure. For more information,...

7.8CVSS0.1AI score0.03071EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2008/06/30 3:29 p.m.5 views

httpd scoreboard lack of PID protection

Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the workerscore and processscore arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."...

4.7CVSS7.3AI score0.03298EPSS
Exploits2References4
UbuntuCve
UbuntuCve
added 2008/06/16 7:41 p.m.23 views

CVE-2008-1379

Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height...

6.8CVSS7.3AI score0.01387EPSS
Exploits0References2
NVD
NVD
added 2008/06/16 7:41 p.m.19 views

CVE-2008-1379

Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height...

6.8CVSS7.5AI score0.01387EPSS
Exploits0References52
OSV
OSV
added 2008/06/16 7:41 p.m.7 views

CVE-2008-1379

Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height...

6.8CVSS6.6AI score0.01387EPSS
Exploits0References52
Debian CVE
Debian CVE
added 2007/06/20 10:0 p.m.36 views

CVE-2007-3304

Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the workerscore and processscore arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."...

4.7CVSS6.2AI score0.03298EPSS
Exploits2
Exploit DB
Exploit DB
added 2004/11/05 12:0 a.m.18 views

Monolith Lithtech Game Engine - Multiple Remote Format String Vulnerabilities

// source: https://www.securityfocus.com/bid/11610/info Lithtech game engine is prone to multiple remote format-string vulnerabilities because of incorrect usage of 'printf'-type functions. Format specifiers can be supplied directly to vulnerable functions from external data. A denial-of-service...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2004/02/22 12:0 a.m.32 views

Dell TrueMobile 1300 WLAN System 3.10.39.0 Tray Applet - Local Privilege Escalation

source: https://www.securityfocus.com/bid/9714/info It has been reported that a privilege escalation vulnerability exists in the Dell TrueMobile 1300 Wireless System Tray Applet. The issue is due to the software starting with SYSTEM privileges, to enable access to the wireless hardware, and...

7AI score
Exploits0
exploitpack
exploitpack
added 2003/10/02 12:0 a.m.17 views

Microsoft Windows XP2000 - PostThreadMessage() Arbitrary Process Killing

Microsoft Windows XP2000 - PostThreadMessage Arbitrary Process Killing // source: https://www.securityfocus.com/bid/8747/info A vulnerability has been discovered in the Microsoft Windows operating system. The flaw lies in the way that processes handle messages sent from another process via the...

0.2AI score
Exploits0
OSV
OSV
added 2003/06/27 12:0 a.m.139 views

DSA-332 linux-kernel-2.4.17 - several vulnerabilities

Bulletin has no description...

10CVSS5.2AI score0.73006EPSS
Exploits20
Exploit DB
Exploit DB
added 2002/06/03 12:0 a.m.39 views

QNX 6.x - 'ptrace()' Arbitrary Process Modification

source: https://www.securityfocus.com/bid/4919/info The QNX implementation of 'ptrace' is reportedly insecure. An unprivileged process may attach to a setuid program without restriction. Since the attaching process may view or edit memory, an attacker may exploit this issue to escalate privileges...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2001/05/24 12:0 a.m.9 views

Microsoft Windows Server 2000 - Debug Registers

Microsoft Windows Server 2000 - Debug Registers // source: https://www.securityfocus.com/bid/2764/info A vulnerability exists in the handling of debug registers in Windows 2000. It is possible for unprivileged processes to create breakpoints for arbitrary processes. This can be used to 'kill'...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/05/24 12:0 a.m.26 views

Microsoft Windows Server 2000 - Debug Registers

// source: https://www.securityfocus.com/bid/2764/info A vulnerability exists in the handling of debug registers in Windows 2000. It is possible for unprivileged processes to create breakpoints for arbitrary processes. This can be used to 'kill' arbitrary processes without administrative...

7.4AI score
Exploits0
CVE
CVE
added 2001/05/07 4:0 a.m.67 views

CVE-2001-0040

The CVE concerns apcupsd, where during startup the daemon creates /var/run/apcupsd.pid with world-writable permissions (mode 666). This allows a local attacker to overwrite the PID file with arbitrary process IDs, causing legitimate processes to be killed when apcupsd restarts or stops. The Mandr...

2.1CVSS6.3AI score0.00858EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder