528 matches found
Exploit for CVE-2024-55968
CVE-2024-55968 LPE Exploit POC for CVE-2024-55968 Vulnerab...
PT-2024-36621 · Dtex · Dtex Dec-M
Name of the Vulnerable Software and Affected Versions: DTEX DEC-M DTEX Forwarder version 6.1.1 Description: An issue was discovered in the com.dtexsystems.helper service, which handles privileged operations within the macOS DTEX Event Forwarder agent. The service fails to implement critical clien...
PT-2024-38682 · Unknown · Sensei Mac Cleaner
Name of the Vulnerable Software and Affected Versions: Sensei Mac Cleaner affected versions not specified Description: The issue allows an attacker to perform multiple operations as the root user, including arbitrary file deletion and writing, loading and unloading daemons, manipulating file...
Uaudio com.uaudio.bsd.helper 安全漏洞
Uaudio com.uaudio.bsd.helper is an application from Uaudio, Inc. A security vulnerability exists in Uaudio com.uaudio.bsd.helper, which stems from the failure to implement critical client authentication in XPC inter-process communication, allowing an unauthorized client to leverage the service's...
PT-2024-34335 · Fortinet · Forticlientwindows
Name of the Vulnerable Software and Affected Versions: Fortinet FortiClientWindows versions 6.4.x through 7.4.0 Description: A use of a hard-coded cryptographic key in Fortinet FortiClientWindows may allow a low-privileged user to decrypt interprocess communication via a monitoring named pipe...
kernel: ipc: fix memory leak in init_mqueue_fs()
In the Linux kernel, the following vulnerability has been resolved: ipc: fix memory leak in initmqueuefs When setupmqsysctls failed in initmqueuefs, mqueueinodecachep is not released. In order to fix this issue, the release path is reordered...
tipc: guard against string buffer overrun
...
PT-2024-25075 · Lplh · Lplh
Name of the Vulnerable Software and Affected Versions: LPLH affected versions not specified Description: The issue occurs due to memory corruption while parsing IPC frequency table parameters for LPLH when the size is greater than the expected size. This results in memory issues. Recommendations:...
PT-2024-10227
Name of the Vulnerable Software and Affected Versions MacOS affected versions not specified Description The issue is related to insufficient access control in the XPC service of MacOS operating systems. Exploitation of this issue may allow an attacker to execute arbitrary code and elevate their...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the skb cb in the tipc component not being reacquired after tipcmsgvalidate, resulting in a post-release reu...
DEBIAN-CVE-2024-45752
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction...
kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry
A flaw was found in the Linux kernel’s IPC system. This flaw allows an attacker to use a specially crafted program to cause a rare race condition, leading to a denial of service...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a post-release reuse issue contained in a Qualcomm IPC component...
UBUNTU-CVE-2024-42271
In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucvsockclose iucvseverpath is called from process context and from bh context. iucv-path is used as indicator whether somebody else is taking care of severing the path or it is already removed /...
kernel: TIPC message reassembly use-after-free remote code execution vulnerability
A use-after-free UAF flaw exists in the Linux Kernel within the reassembly of fragmented TIPC messages, specifically in the tipcbufappend function. The issue results due to a lack of checks in the error handling cleanup and can trigger a UAF on "struct skbuff", which may lead to remote code...
ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension
...
UBUNTU-CVE-2024-3056
A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources...
CrowdStrike Explains Friday Incident Crashing Millions of Windows Devices
Cybersecurity firm CrowdStrike on Wednesday blamed an issue in its validation system for causing millions of Windows devices to crash as part of a widespread outage late last week. "On Friday, July 19, 2024 at 04:09 UTC, as part of regular operations, CrowdStrike released a content configuration...
kernel: TIPC message reassembly use-after-free remote code execution vulnerability
A use-after-free UAF flaw exists in the Linux Kernel within the reassembly of fragmented TIPC messages, specifically in the tipcbufappend function. The issue results due to a lack of checks in the error handling cleanup and can trigger a UAF on "struct skbuff", which may lead to remote code...
kernel: TIPC message reassembly use-after-free remote code execution vulnerability
A use-after-free UAF flaw exists in the Linux Kernel within the reassembly of fragmented TIPC messages, specifically in the tipcbufappend function. The issue results due to a lack of checks in the error handling cleanup and can trigger a UAF on "struct skbuff", which may lead to remote code...