usbguard: Fix unauthorized access via D-Bus

A flaw was found in usbguard. The vulnerability occurs due to the No default access control listACL on some D-Bus methods and leads to unauthorized access. This flaw allows an attacker to access and escape policy configuration...

Trojan.Win32.DarkNeuron.gen MVID-2022-0661 Named Pipe NULL DACL

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/d891c9374ccb2a4cae2274170e8644d8.txt Contact: [email protected] Media: twitter.com/malvuln Backup media: infosec.exchange/@malvuln Threat: Trojan.Win32.DarkNeuron.gen Vulnerability: Named...

Microsoft Windows ALPC 竞争条件问题漏洞

Microsoft Windows ALPC is an inter-process communication tool for high-speed messaging from Microsoft Corporation USA. A vulnerability exists in Microsoft Windows ALPC due to a competitive condition issue. The following products and editions are affected:Windows Server 2008 for 32-bit Systems...

Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability

Cisco AnyConnect Secure Mobility Client for Windows interprocess communication IPC channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine with SYSTEM privilege...

VulnCheck KEV: CVE-2020-3433

Cisco AnyConnect Secure Mobility Client for Windows interprocess communication IPC channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine with SYSTEM...

ROS-20221013-01

A vulnerability in the D-Bus interprocess communication system is related to the reachability of an assertion in debug builds caused by a syntactically invalid type signature with improperly nested brackets and curly braces. Exploitation of the vulnerability could allow an attacker to execute a...

PT-2022-33475 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.2 Description: The issue is related to the prevention of double freeing of ipc control data via load bytes in the ASoC SOF ipc3-topology. The actual impact and attack plausibility have not yet been proven...

OESA-2022-1900 pacemaker security update

Pacemaker is an advanced, scalable High-Availability cluster resource manager. Security Fixes: An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks...

CVE-2022-24952

Several denial of service vulnerabilities exist in Eternal Terminal prior to version 6.2.0, including a DoS triggered remotely by an invalid sequence number and a local bug triggered by invalid input sent directly to the IPC socket...

Eternal Terminal 竞争条件问题漏洞

Eternal Terminal is a remote shell by Jason Gauci Personal Developer. A security vulnerability exists in Eternal Terminal versions prior to 6.2.0, which stems from a vulnerability that allows a local attacker to hijack Eternal Terminal's IPC sockets to gain access to Eternal Terminal clients that...

CVE-2022-34866

Passage Drive versions v1.4.0 to v1.5.1.0 and Passage Drive for Box version v1.0.0 contain an insufficient data verification vulnerability for interprocess communication. By running a malicious program, an arbitrary OS command may be executed with LocalSystem privilege of the Windows system where...

CVE-2022-34866

Passage Drive versions v1.4.0 to v1.5.1.0 and Passage Drive for Box version v1.0.0 contain an insufficient data verification vulnerability for interprocess communication. By running a malicious program, an arbitrary OS command may be executed with LocalSystem privilege of the Windows system where...

Design/Logic Flaw

Passage Drive versions v1.4.0 to v1.5.1.0 and Passage Drive for Box version v1.0.0 contain an insufficient data verification vulnerability for interprocess communication. By running a malicious program, an arbitrary OS command may be executed with LocalSystem privilege of the Windows system where...

CVE-2022-34866

Passage Drive versions v1.4.0 to v1.5.1.0 and Passage Drive for Box version v1.0.0 contain an insufficient data verification vulnerability for interprocess communication. By running a malicious program, an arbitrary OS command may be executed with LocalSystem privilege of the Windows system where...

PT-2022-22402 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Passage Drive versions v1.4.0 to v1.5.1.0 Passage Drive for Box version v1.0.0 Description: The issue is related to insufficient data verification for interprocess communication, which can be exploited by running a malicious program. This...

Passage Drive vulnerable to insufficient data verification

Overview Passage Drive provided by Yokogawa Rental & Lease Corporation contains an insufficient data verification vulnerability for interprocess communication CWE-20. Yokogawa Rental & Lease Corporation reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and...

CVE-2022-24540

Windows ALPC Elevation of Privilege Vulnerability...

Microsoft Windows ALPC 竞争条件问题漏洞

Microsoft Windows ALPC is an inter-process communication tool for high-speed messaging from Microsoft Corporation USA. A Competing Conditions Issue vulnerability exists in Microsoft Windows ALPC, which can be exploited by a local attacker to elevate privileges on a system...

cri-o: pod with access to 'hostIPC' and 'hostNetwork' kernel namespace allows sysctl from the list of safe sysctls to be applied to the host

An incorrect sysctls validation vulnerability was found in CRI-O. The sysctls from the list of "safe" sysctls specified for the cluster 0 will be applied to the host if an attacker can create a pod with a hostIPC and hostNetwork kernel namespace...

UBUNTU-CVE-2021-23556

The package guake before 3.8.5 are vulnerable to Exposed Dangerous Method or Function due to the exposure of executecommand and executecommandbyuuid methods via the d-bus interface, which makes it possible for a malicious user to run an arbitrary command via the d-bus method. Note: Exploitation...