CVE-2016-9489

In ManageEngine Applications Manager 12 and 13 before build 13200, an authenticated user is able to alter all of their own properties, including own group, i.e. changing their group to one with higher privileges like "ADMIN". A user is also able to change properties of another user, e.g. change...

Ubuntu 16.10 : linux vulnerabilities (USN-3147-1)

Andreas Gruenbacher and Jan Kara discovered that the filesystem implementation in the Linux kernel did not clear the setgid bit during a setxattr call. A local attacker could use this to possibly elevate group privileges. CVE-2016-7097 Marco Grassi discovered that the driver for Areca RAID...