Qualcomm IPC Input Validation Error Vulnerability

Qualcomm IPC is a Qualcomm Incorporated USA support component used in chips. A security vulnerability exists in Qualcomm IPC that stems from a lack of checking the validity and boundary compliance of parameters read from shared memory...

FOSCAM FHD X1 Security Vulnerability

FOSCAM X1 is a webcam from the Chinese company Foscam FOSCAM. A security vulnerability exists in FOSCAM FHD X1 1.14.2.4 which allows an attacker to exploit the vulnerability with physical UART access to log in via ipc. Security factor password...

pacemaker: ACL restrictions bypass

An ACL bypass flaw was found in Pacemaker. This flaw allows an attacker with a local account on the cluster and in the haclient group to use IPC communication with various daemons to directly perform certain tasks that would be prevented if they had gone through configured ACLs. The highest threa...

Apple macOS elevation of privilege vulnerability (CNVD-2020-70954)

Apple macOS is a specialized operating system developed by Apple for Mac computers. An elevation of privilege vulnerability exists in Apple macOS version 6.0.2. The vulnerability stems from a flaw in the XPC interface in AnyDesk on macOS versions 6.0.2 and above, which fails to properly validate ...

CVE-2020-27614

AnyDesk for macOS versions 6.0.2 and older have a vulnerability in the XPC interface that does not properly validate client requests and allows local privilege escalation...

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple for Mac computers. An elevation of privilege vulnerability exists in Apple macOS version 6.0.2. The vulnerability stems from a flaw in the XPC interface in AnyDesk on macOS versions 6.0.2 and above, which fails to properly validate ...

Binarynights Forklift Security Breach

Binarynights Forklift is a file resource management software from the American company Binarynights. The software references the FINDER file manager and directly manages FTP/SFTP/WebDAV, Amazon S3, iDisk, BLUETOOH and other resources. A security vulnerability exists in BinaryNights ForkLift 3.x...

USN-4623-1 pacemaker vulnerability

Ken Gaillot discovered that Pacemaker incorrectly handled IPC communications permissions. A local attacker could possibly use this issue to bypass ACL restrictions and execute arbitrary code as root...

CVE-2020-3556

A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script. The vulnerability is due to a lack of authentication to the IPC listene...

CVE-2020-27123

A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to read arbitrary files on the underlying operating system of an affected device. The vulnerability is due to an exposed IPC function. ...

CVE-2020-27123

CVE-2020-27123 affects Cisco AnyConnect Secure Mobility Client for Windows. A vulnerability in the Interprocess Communication (IPC) channel, due to an exposed IPC function, lets an authenticated, local attacker craft an IPC message to the AnyConnect process to read arbitrary files on the underlyi...

Cisco AnyConnect Secure Mobility Client for Windows Arbitrary File Read Vulnerability

Cisco AnyConnect Secure Mobility Client for Windows is a Windows-based secure mobility client from Cisco that provides secure access to networks and applications from any device. An arbitrary file read vulnerability exists in the Interprocess Communication IPC channel of Cisco AnyConnect Secure...

CVE-2020-27123

A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to read arbitrary files on the underlying operating system of an affected device. The vulnerability is due to an exposed IPC function. ...

CVE-2020-3434

A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. To exploit this vulnerability, the attacker would need to have valid...

CVE-2020-3435

A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on th...

CVE-2020-3433 Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability

A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows...

CVE-2020-3433 Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability

A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows...

Cisco AnyConnect Secure Mobility Client for Windows Profile Modification (cisco-sa-anyconnect-profile-7u3PERKF)

According to its self-reported version, Cisco AnyConnect Secure Mobility Client is affected by a vulnerability in the interprocess communication IPC channel due to insufficient validation of user-supplied input. An authenticated, local attacker can exploit this, by sending a crafted IPC message t...

Cisco AnyConnect Secure Mobility Client for Windows DoS

According to its self-reported version, Cisco AnyConnect Secure Mobility Client is affected a vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service DoS condition ...

Cisco AnyConnect Secure Mobility Client for Windows Code Issue Vulnerability

Cisco AnyConnect Secure Mobility Client for Windows is a Windows-based secure mobility client from Cisco that provides secure access to networks and applications from any device. A code issue vulnerability exists in the IPC channel in Cisco AnyConnect Secure Mobility Client for Windows prior to...