2646 matches found
GlassWire: Uncontrolled Search Path Element allows DLL hijacking for priv esc to SYSTEM
GlassWire contains a DLL hijacking vulnerability that could allow an authenticated attacker to execute arbitrary code on the targeted system. The vulnerability exists due to GlassWire loading DLL files from the PATH environment variable without verification. The machine should have at least one...
FreeBSD : FreeBSD -- posix_spawnp(3) buffer overflow (f8b46415-c264-11ea-8659-901b0ef719ab)
posixspawnp spawns a new thread with a limited stack allocated on the heap before delegating to execvp for the final execution within that thread. execvp would previously make unbounded allocations on the stack, directly proportional to the length of the user-controlled PATH environment variable...
FreeBSD -- posix_spawnp(3) buffer overflow
Problem Description: posixspawnp spawns a new thread with a limited stack allocated on the heap before delegating to execvp for the final execution within that thread. execvp would previously make unbounded allocations on the stack, directly proportional to the length of the user-controlled PATH...
Qmail SMTP 1.03 - Bash Environment Variable Injection
Exploit Title: Qmail SMTP 1.03 - Bash Environment Variable Injection Date: 2020-07-03 Exploit Author: 1F98D Original Authors: Mario Ledo, Mario Ledo, Gabriel Follon Version: Qmail 1.03 Tested on: Debian 9.11 x64 CVE: CVE-2014-6271 References: http://seclists.org/oss-sec/2014/q3/649...
Apple macOS Catalina ksh shell command execution vulnerability
Apple macOS Catalina is a specialized operating system developed for Mac computers. A security vulnerability in the Apple macOS Catalina ksh handling environment variable allows local attackers to exploit the vulnerability to submit a special request that can execute arbitrary SHELL commands...
Google chrome-launcher OS command injection vulnerability
Google chrome-launcher is a launcher for launching the Chrome browser from Node.js by Google USA. An operating system command injection vulnerability exists in Google chrome-launcher all versions, which can be exploited to execute arbitrary commands by controlling the $ HOME environment variable ...
CVE-2020-7645
All versions of chrome-launcher allow execution of arbitrary commands, by controlling the $HOME environment variable in Linux operating systems...
CVE-2020-7645
All versions of chrome-launcher allow execution of arbitrary commands, by controlling the $HOME environment variable in Linux operating systems...
CVE-2020-7645
All versions of chrome-launcher allow execution of arbitrary commands, by controlling the $HOME environment variable in Linux operating systems...
Linux: Strictly define variable LD_LIBRARY_PATH
Check whether variable LDLIBRARYPATH or any equivalent variable exists in the user environmentroot or other environments. If yes, the variable should refer to the /lib, /usr/lib, /var/lib, /usr/X11R6/lib library only. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be...
glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries
A vulnerability was discovered in glibc where the LDPREFERMAP32BITEXEC environment variable is not ignored when running binaries with the setuid flag on x8664 architectures. This allows an attacker to force system to utilize only half of the memory making the system think the software is 32-bit...
Scientific Linux Security Update : cups on 7.x i686/x86_64 (2020:1050)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2020:1050-1 advisory. - In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. CVE-2018-4180,...
CVE-2020-11944
Abe aka bitcoin-abe through 0.7.2, and 0.8pre, allows XSS in call in abe.py because the PATHINFO environment variable is mishandled during a PageNotFound exception...
CVE-2020-11944
Abe aka bitcoin-abe through 0.7.2, and 0.8pre, allows XSS in call in abe.py because the PATHINFO environment variable is mishandled during a PageNotFound exception...
Lk Scraper - An Fully Configurable Linkedin Scrape (Scrape Anything Within Linkedin)
Scrapes Any Linkedin Data Installation $ pip install git+git://github.com/jqueguiner/lkscraper Setup Using Docker compose $ docker-compose up -d $ docker-compose run lkscraper python3 Using Docker only forselenium server First, you need to run a selenium server $ docker run -d -p 4444:4444...
CVE-2016-1000107
A flaw was found in the Inets application in Erlang version 22.1 and possibly earlier, where it follows RFC 3875 section 4.1.18 and does not protect applications from the presence of untrusted client data in the HTTPPROXY environment variable. This flaw allows remote attackers to redirect an...
procps: Local privilege escalation in top
If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory without any security check. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of...
CVE-2016-5386
An input-validation flaw was discovered in the Go programming language built in CGI implementation, which set the environment variable "HTTPPROXY" using the incoming "Proxy" HTTP-request header. The environment variable "HTTPPROXY" is used by numerous web clients, including Go's net/http package,...
CVE-2019-14868
In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those...
Access Restriction Bypass
The Common UNIX Printing System CUPS is vulnerable to local privilege escalation to root due to insecure environment variable handling...