17 matches found
EUVD-2008-3791
Malware in sbrugna...
EUVD-2020-18318
Malware in sbrugna...
EUVD-2008-3792
Malware in sbrugna...
CVE-2025-20206 Cisco Secure Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability
A vulnerability in the interprocess communication IPC channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the Secure Firewall Posture Engine, formerly HostScan, is installed on Cisco Secure Client. This...
OESA-2022-1901 pacemaker security update
Pacemaker is an advanced, scalable High-Availability cluster resource manager. Security Fixes: An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks...
Exploit for Improper Access Control in Samsung Livewallpaperservice
Improper access control vulnerability in LiveWallpaperService...
AlmaLinux 8 : pacemaker (ALSA-2020:5487)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:5487 advisory. - An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various...
NewStart CGSL CORE 5.05 / MAIN 5.05 : pacemaker Vulnerability (NS-SA-2021-0160)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has pacemaker packages installed that are affected by a vulnerability: - An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with...
pacemaker: ACL restrictions bypass
An ACL bypass flaw was found in Pacemaker. This flaw allows an attacker with a local account on the cluster and in the haclient group to use IPC communication with various daemons to directly perform certain tasks that would be prevented if they had gone through configured ACLs. The highest threa...
CVE-2020-25654
An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration...
CVE-2020-25654
An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration...
Authorization Bypass
pacemaker is vulnerable to authorization bypass. The vulnerability exists through an ACL bypass flaw, where users can use IPC communication with the various daemons directly to bypass ACL restrictions...
Debian: Security Advisory (DLA-2447-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-25654
An ACL bypass flaw was found in Pacemaker. This flaw allows an attacker with a local account on the cluster and in the haclient group to use IPC communication with various daemons to directly perform certain tasks that would be prevented if they had gone through configured ACLs. The highest threa...
CVE-2020-25654
An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration...
CVE-2018-18505
An earlier fix for an Inter-process Communication IPC vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the...
Mozilla Thunderbird < 60.5
The version of Thunderbird installed on the remote Windows host is prior to 60.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-03 advisory. - A use-after-free vulnerability can occur while playing a sound notification in Thunderbird. The memory storing the...