6810 matches found
CVE-2018-0438
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local attacker to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is due to improper...
CVE-2018-0437
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local attacker to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is due to improper...
Input validation
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local attacker to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is due to improper...
CVE-2018-0438 Cisco Umbrella Enterprise Roaming Client Privilege Escalation Vulnerability
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local attacker to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This vulnerability is due to improper...
USN-3775-1 linux vulnerabilities
It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness of Spectre v2 mitigations for paravirtual guests. A local attacker could use this to expose sensitive information. (CVE-2018-15594) It was...
Input validation
Emerson AMS Device Manager v12.0 to v13.5. Non-administrative users are able to change executable and library files on the affected products...
H2 Database 1.4.196 - Remote Code Execution Exploit
Exploit for java platform in category web applications Exploit Title: H2 Database 1.4.196 - Remote Code Execution Exploit Author: h4ckNinja Vendor Homepage: https://www.h2database.com/ Software Link: http://www.h2database.com/h2-2018-03-18.zip Version: 1.4.196 and 1.4.197 Tested on: macOS/Linux...
CVE-2018-17776
PCProtect Anti-Virus v4.8.35 has "Everyone: (F)" permission for %PROGRAMFILES(X86)%\PCProtect, which allows local users to gain privileges by replacing an executable file with a Trojan horse...
Slack: Linux Desktop application slack executable does not use pie / no ASLR
The slack binary from the Linux desktop application is not a position-independent executable: $ file usr/lib/slack/slack usr/lib/slack/slack: ELF 64-bit LSB executable, x86-64, version 1 SYSV, dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, stripped pie executables...
VPNFilter’s Arsenal Expands With Newly Discovered Modules
Researchers have discovered new modules in VPNFilter – the malware behind the widespread campaign in May that infected 75 router brands – revealing that its capabilities are much more widespread and sophisticated than previously thought. After reverse-engineering seven additional third-stage...
Debian DSA-4299-1 : texlive-bin - security update
Nick Roessler from the University of Pennsylvania has found a buffer overflow in texlive-bin, the executables for TexLive, the popular distribution of TeX document production system. This buffer overflow can be used for arbitrary code execution by crafting a special type1 font .pfb and provide it...
GNU Binutils Binary File Descriptor Library Denial of Service Vulnerability
GNU Binutils (a.k.a. GNU Binary Utilities or binutils) is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives. The Binary File Descriptor (BFD) library a.k.a...
DEBIAN-CVE-2018-17360
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. A heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executabl...
UBUNTU-CVE-2018-17360
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. A heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executabl...
DEBIAN-CVE-2018-17358
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted E...
UBUNTU-CVE-2018-17358
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted E...
CVE-2018-6690
Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system...
Solaris libnspr NSPR_LOG_FILE Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Solaris libnspr NSPR_LOG_FILE Privilege Escalation', 'Description' = %q This module exploits an arbitrary file write vulnerability in the Netscape...
The vulnerability of Emerson DeltaV DCS industrial control stations, related to errors in checking the path to the catalog, allows an intruder to replace the executable files.
The vulnerability of Emerson DeltaV DCS industrial control systems lies in errors during the verification of the catalog path. Exploiting this vulnerability allows a malicious actor to replace the executable files...
Design/Logic Flaw
In FreeBSD before 11.2-RELEASE, an application which calls setrlimit to increase RLIMIT_STACK may turn a read-only memory region below the stack into a read-write region. A specially crafted executable could be exploited to execute arbitrary code in the user context...