Lucene search
+L

491 matches found

Positive Technologies
Positive Technologies
added 2019/07/24 12:0 a.m.6 views

PT-2019-17776 · Freebsd · Freebsd

Name of the Vulnerable Software and Affected Versions: FreeBSD versions prior to 12.0-RELEASE-p8 FreeBSD versions prior to 11.3-RELEASE-p1 FreeBSD versions prior to 11.2-RELEASE-p12 Description: The issue allows a malicious local user to gain root privileges or escape from a jail by causing the...

7.8CVSS7.7AI score0.00536EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2019/07/24 12:0 a.m.26 views

FreeBSD -- File description reference count leak

Problem Description: If a process attempts to transmit rights over a UNIX-domain socket and an error causes the attempt to fail, references acquired on the rights are not released and are leaked. This bug can be used to cause the reference counter to wrap around and free the corresponding file...

7.8CVSS0.8AI score0.00536EPSS
Exploits0
canvas
canvas
added 2019/04/23 4:29 p.m.101 views

Immunity Canvas: SNAPD_UID_OVERWRITE

Name| snapduidoverwrite ---|--- CVE| CVE-2019-7304 Exploit Pack| CANVAS Description| snapduidoverwrite Notes| CVE Name: CVE-2019-7304 VENDOR: snapd team NOTES: The snapd service runs as an REST API using a Unix Domain Socket, is possible to send request when the uid is 0 root, the vulnerability i...

10CVSS9.4AI score0.57478EPSS
Exploits10
NVD
NVD
added 2019/02/12 5:29 a.m.15 views

CVE-2019-5596

In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to ga...

8.8CVSS8.7AI score0.01229EPSS
Exploits4References2
Cvelist
Cvelist
added 2019/02/12 5:0 a.m.32 views

CVE-2019-5596

In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to ga...

8.7AI score0.01229EPSS
Exploits4References2
NVD
NVD
added 2018/08/29 7:29 p.m.12 views

CVE-2018-6597

The Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US:7.0/NRD90M/J63:user/release-keys contains a hidden privilege escalation capability to achieve command execution as the root user. They have made modifications that allow a user with physical access to the device to obtain a ro...

7.2CVSS7AI score0.005EPSS
Exploits0References1
Prion
Prion
added 2018/08/29 7:29 p.m.20 views

Privilege escalation

The Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US:7.0/NRD90M/J63:user/release-keys contains a hidden privilege escalation capability to achieve command execution as the root user. They have made modifications that allow a user with physical access to the device to obtain a ro...

7.2CVSS7.1AI score0.005EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/08/29 7:0 p.m.20 views

CVE-2018-6597

The Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US:7.0/NRD90M/J63:user/release-keys contains a hidden privilege escalation capability to achieve command execution as the root user. They have made modifications that allow a user with physical access to the device to obtain a ro...

7AI score0.005EPSS
Exploits0References1
0day.today
0day.today
added 2018/08/02 12:0 a.m.38 views

Imperva SecureSphere 11.5 / 12.0 / 13.0 - Privilege Escalation Exploit

Exploit for linux platform in category local exploits Title: Imperva SecureSphere = v13 - Privilege Escalation Author: 0x09AL Tested on: Imperva SecureSphere 11.5,12.0,13.0 Vendor: https://www.imperva.com/ Vulnerability Description There is a program named PCE.py which runs as root and starts a...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/08/02 12:0 a.m.44 views

Imperva SecureSphere 11.5 12.0 13.0 - Privilege Escalation

Imperva SecureSphere 11.5 12.0 13.0 - Privilege Escalation Title: Imperva SecureSphere = v13 - Privilege Escalation Author: 0x09AL Date: 01/08/2018 Tested on: Imperva SecureSphere 11.5,12.0,13.0 Vendor: https://www.imperva.com/ Vulnerability Description There is a program named PCE.py which runs ...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/08/02 12:0 a.m.41 views

Imperva SecureSphere 11.5 / 12.0 / 13.0 Privilege Escalation

Title: Imperva SecureSphere = v13 - Privilege Escalation Author: 0x09AL Date: 01/08/2018 Tested on: Imperva SecureSphere 11.5,12.0,13.0 Vendor: https://www.imperva.com/ Vulnerability Description There is a program named PCE.py which runs as root and starts a unix domain socket listener in...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/02 12:0 a.m.27 views

Imperva SecureSphere 11.5 / 12.0 / 13.0 - Privilege Escalation

Title: Imperva SecureSphere = v13 - Privilege Escalation Author: 0x09AL Date: 01/08/2018 Tested on: Imperva SecureSphere 11.5,12.0,13.0 Vendor: https://www.imperva.com/ Vulnerability Description There is a program named PCE.py which runs as root and starts a unix domain socket listener in...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2018/06/19 1:20 a.m.30 views

CVE-2018-12027

An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...

8.8CVSS0.7AI score0.01088EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/06/17 8:29 p.m.22 views

CVE-2018-12027

An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...

8.8CVSS7.2AI score0.01088EPSS
Exploits0References3
NVD
NVD
added 2018/06/17 8:29 p.m.28 views

CVE-2018-12027

An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...

8.8CVSS8.3AI score0.01088EPSS
Exploits0References2
Prion
Prion
added 2018/06/17 8:29 p.m.25 views

Information disclosure

An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...

6.5CVSS8.1AI score0.01088EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/06/17 8:29 p.m.4 views

UBUNTU-CVE-2018-12027

An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...

8.8CVSS7.3AI score0.01088EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2018/06/17 8:0 p.m.51 views

CVE-2018-12027

An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...

8.8CVSS8.3AI score0.01088EPSS
Exploits0
Cvelist
Cvelist
added 2018/06/17 8:0 p.m.40 views

CVE-2018-12027

An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of sa...

8.3AI score0.01088EPSS
Exploits0References2
RubySec
RubySec
added 2018/06/12 12:0 a.m.29 views

Insecure Permissions in Phusion Passenger

"An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of...

8.8CVSS6.3AI score0.01088EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder