FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. There is a security vulnerability in FreeBSD, which stems from the setcred system call. This call copies a user-supplied supplementary group list into a fixed-size kernel stack buffer without verifying the length. This...

users crate for Rust 安全漏洞

users crate for Rust is an open source library for Rust by ogham. A security vulnerability exists in users crate for Rust that stems from mishandling of group lists, which could lead to elevated privileges...

SUSE SLES15 Security Update : slurm (SUSE-SU-2024:0287-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0287-1 advisory. - An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmissio...

SUSE CVE-2023-49938

An issue was discovered in SchedMD Slurm 22.05.x and 23.02.x. There is Incorrect Access Control: an attacker can modified their extended group list that is used with the sbcast subsystem, and open files with an unauthorized set of extended groups. The fixed versions are 22.05.11 and 23.02.7...

Improper access control

An issue was discovered in SchedMD Slurm 22.05.x and 23.02.x. There is Incorrect Access Control: an attacker can modified their extended group list that is used with the sbcast subsystem, and open files with an unauthorized set of extended groups. The fixed versions are 22.05.11 and 23.02.7...

UBUNTU-CVE-2023-49938

An issue was discovered in SchedMD Slurm 22.05.x and 23.02.x. There is Incorrect Access Control: an attacker can modified their extended group list that is used with the sbcast subsystem, and open files with an unauthorized set of extended groups. The fixed versions are 22.05.11 and 23.02.7...

Unspecified Vulnerability in IBM InfoSphere Information Server (CNVD-2022-68284)

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A security vulnerability exists in IBM InfoSphere Information Server version 11.7 that stems fro...

Domain Password Audit Tool: DPAT

Domain Password Audit Tool This is a python script that will generate password use statistics from password hashes dumped from a domain controller and a password crack file such as oclHashcat.pot generated from the oclHashcat tool during password cracking. The report is an HTML report with...

OpenAFS buffer overflow vulnerability (CNVD-2015-05290)

OpenAFS is a distributed file system that allows sharing of archives and resources between systems over LANs and WANs. A buffer overflow vulnerability exists in OpenAFS 1.6.12 and earlier versions of the Solaris kernel extension. A local attacker can exploit this vulnerability to cause a denial o...

sudo: incorrect handling of RunAs specification with both user and group lists

Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence...