576 matches found
CVE-2019-16897
In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitrary registry writes in the K7AVOptn.dll...
Design/Logic Flaw
In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitrary registry writes in the K7AVOptn.dll...
CVE-2019-16897
In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitrary registry writes in the K7AVOptn.dll...
CVE-2018-18505
An earlier fix for an Inter-process Communication IPC vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the...
ptrace Sudo Token Privilege Escalation Exploit
This Metasploit module attempts to gain root privileges by blindly injecting into the session user's running shell processes and executing commands by calling system, in the hope that the process has valid cached sudo tokens with root privileges. The system must have gdb installed and permit...
Mozilla: Sandbox escape using Prompt:Open
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing...
Mozilla: Sandbox escape using Prompt:Open
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing...
BlueStacks App Player Input Validation Error Vulnerability
BlueStacks App Player is a suite of software from the Chinese company BlueStacks that supports making Android applications run on Windows systems. An input validation error vulnerability exists in BlueStacks App Player version 2, version 3, and version 4 before 4.90. An attacker can exploit this...
UBUNTU-CVE-2019-11708
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing...
pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc
A flaw was found in the way pacemaker's client-server authentication was implemented. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation...
pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc
A flaw was found in the way pacemaker's client-server authentication was implemented. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation...
Fedora Update for libqb FEDORA-2019-e2d5de3342
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 29 Update: libqb-1.0.5-1.fc29
libqb provides high-performance, reusable features for client-server architecture, such as logging, tracing, inter-process communication IPC, and polling...
[SECURITY] Fedora 30 Update: libqb-1.0.5-1.fc30
libqb provides high-performance, reusable features for client-server architecture, such as logging, tracing, inter-process communication IPC, and polling...
CVE-2019-9799
Insufficient bounds checking of data during inter-process communication might allow a compromised content process to be able to read memory from the parent process under certain conditions. This vulnerability affects Firefox 66...
CVE-2019-9799
Insufficient bounds checking of data during inter-process communication might allow a compromised content process to be able to read memory from the parent process under certain conditions. This vulnerability affects Firefox 66...
CVE-2019-9799
CVE-2019-9799 affects Mozilla Firefox before 66.0. The issue is caused by insufficient bounds checking of data during inter-process communication, which can allow a compromised content process to read memory from the parent process under certain conditions. Connected advisories/plugins corroborat...
CVE-2019-9799
Insufficient bounds checking of data during inter-process communication might allow a compromised content process to be able to read memory from the parent process under certain conditions. This vulnerability affects Firefox 66...
CVE-2019-9799
Insufficient bounds checking of data during inter-process communication might allow a compromised content process to be able to read memory from the parent process under certain conditions. This vulnerability affects Firefox 66...
UBUNTU-CVE-2018-16877
A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation...