Lucene search
+L

72 matches found

opensuse
opensuse
added 2018/07/28 3:17 p.m.125 views

Security update for the Linux Kernel (important)

The openSUSE Leap 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-13406: An integer overflow in the uvesafbsetcmap function could have result in local attackers being able to crash the kernel or potentially elevate privileges...

7.2CVSS0.7AI score0.93838EPSS
Exploits26References306
prion
prion
added 2018/06/05 1:29 p.m.23 views

Null pointer dereference

The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory OOM killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exitmmap, which calls munlockvmapagesall for mlocked vmas.This can happen...

4.9CVSS6.3AI score0.00493EPSS
Exploits0References10Affected Software1
cve
cve
added 2018/06/05 1:0 p.m.128 views

CVE-2018-1000200

CVE-2018-1000200 (Linux kernel) is detailed in connected Nessus/OpenVAS entries as affecting Linux kernel versions 4.14, 4.15, and 4.16. The vulnerability is a NULL pointer dereference that can trigger an out-of-memory (OOM) kill of large memory-locked (mlocked) processes. The root cause involves...

5.5CVSS6.2AI score0.00493EPSS
Exploits0References10Affected Software1
debiancve
debiancve
added 2018/06/05 1:0 p.m.50 views

CVE-2018-1000200

The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory OOM killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exitmmap, which calls munlockvmapagesall for mlocked vmas.This can happen...

5.5CVSS6.6AI score0.00493EPSS
Exploits0
hackread
hackread
added 2018/04/21 5:30 p.m.72 views

SquirtDanger malware steal passwords & take screenshots of user activity

By Waqas SquirtDanger is Capable of Draining Crypto-wallets, Killing Process, Stealing Passwords This is a post from HackRead.com Read the original post: SquirtDanger malware steal passwords & take screenshots of user activity...

1.7AI score
Exploits0
cve
cve
added 2018/03/12 4:0 a.m.52 views

CVE-2017-18226

CVE-2017-18226 affects Gentoo net-im/jabberd2 up to version 2.6.1, where the process creates/uses /var/run/jabber owned by the jabber user. This ownership could allow local attackers to modify a PID file and kill a root-owned process by exploiting a window between PID-file modification and the ro...

5.5CVSS5.7AI score0.00253EPSS
Exploits0References1Affected Software1
fireeye
fireeye
added 2018/02/15 11:30 a.m.1683 views

CVE-2017-10271 Used to Deliver CryptoMiners: An Overview of Techniques Used Post-Exploitation and Pre-Mining

Introduction FireEye researchers recently observed threat actors abusing CVE-2017-10271 to deliver various cryptocurrency miners. CVE-2017-10271 is a known input validation vulnerability that exists in the WebLogic Server Security Service WLS Security in Oracle WebLogic Server versions 12.2.1.2.0...

9.3CVSS8.6AI score0.99993EPSS
Exploits100
prion
prion
added 2017/09/13 5:29 p.m.18 views

Code injection

It was found that rhnsd PID files are created as world-writable that allows local attackers to fill the disks or to kill selected processes...

4.9CVSS5.4AI score0.00252EPSS
Exploits0References1
redhatcve
redhatcve
added 2017/09/12 3:18 p.m.19 views

CVE-2017-7560

It was found that rhnsd PID files are created as world-writable that allows local attackers to fill the disks or to kill selected processes...

5.5CVSS4.1AI score0.00252EPSS
Exploits0References1
osv
osv
added 2017/09/01 5:29 a.m.6 views

CVE-2017-14102

MIMEDefang 2.80 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname" command, as...

7.8CVSS6.6AI score
Exploits0References2
debiancve
debiancve
added 2017/07/30 4:0 p.m.40 views

CVE-2017-11747

main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a...

5.5CVSS5.4AI score0.00292EPSS
Exploits0
amazon
amazon
added 2017/04/27 12:0 a.m.36 views

Medium: util-linux

Issue Overview: Sending SIGKILL to other processes with root privileges via su: A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.CVE-2017-26...

5.5CVSS5.8AI score0.00279EPSS
Exploits0
redhat
redhat
added 2017/04/12 12:25 p.m.7 views

util-linux: Sending SIGKILL to other processes with root privileges via su

A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions...

5.5CVSS7.3AI score0.00279EPSS
Exploits0References4
oraclelinux
oraclelinux
added 2017/03/27 12:0 a.m.37 views

coreutils security and bug fix update

8.4-46.0.1 - clean up empty file if cp is failed Orabug 15973168 8.4-46 - pure rebuild to bring back support for aclextendedfilenofollow on x8664 8.4-45 - su: deny killing other processes with root privileges CVE-2017-2616 8.4-44 - fix the functionality of 'sort -h -k ...' in multi-byte locales...

5.5CVSS1.5AI score0.00279EPSS
Exploits0
myhack58
myhack58
added 2016/04/02 12:0 a.m.48 views

Recent js blackmailer anti-killing skills analysis-vulnerability warning-the black bar safety net

Recently many users reflect the computer in a blackmailer virus, also known as the“Locky ransomware”, the computer in documents, pictures and other important information is virus encryption. Such viral vectors for the js script by js script download remote server of the pe file, and that this pe...

7.5AI score
Exploits0
exploitdb
exploitdb
added 2015/09/08 12:0 a.m.24 views

IBM AIX High Availability Cluster Multiprocessing (HACMP) - Local Privilege Escalation

IBM AIX High Availability Cluster Multiprocessing HACMP LPE to root 0day Let's kill some more bugs today and force vendor improvement : """ $ cat /tmp/su !/bin/sh /bin/sh $ chmod +x /tmp/su $ PATH=/tmp /usr/es/sbin/cluster/utilities/clpasswd /usr/bin/whoami root """ References:...

7AI score
Exploits0
cve
cve
added 2012/10/01 6:0 p.m.58 views

CVE-2012-4833

CVE-2012-4833 affects IBM AIX 6.1 and 7.1 (and related VIOS) where fuser/ -k is improperly restricted, allowing a local attacker to kill another user’s processes and cause a denial of service. The connected Nessus advisories (e.g., U854841/U854868/U854603 for bos.rte.filesystem and IV28756/IV2874...

2.1CVSS6AI score0.00385EPSS
Exploits0References9Affected Software2
prion
prion
added 2011/11/26 3:57 a.m.19 views

Command injection

IBM WebSphere MQ 6.0 on OpenVMS, when the default rights of the MQM group are established, does not properly verify User Authorization File UAF data, which allows local users to kill listener processes and the command server via a control command...

1.9CVSS6.7AI score0.00278EPSS
Exploits0References3Affected Software1
seebug
seebug
added 2011/10/24 12:0 a.m.21 views

Google Chrome PoC, killing thread

No description provided by source. -' pigtail23 -' -' www.remoteshell.de -.OO .- OO.- OO .-/ -. .' \ ,--' ,----'/ '. / ,---. ,--',--. .----. .----. ...--'' | OO' .-OO |'--...| \ /.\ | OO| -',-. |.-, | | |.' | | | | | .-, --. .--''-'|.' | | | | |OO .' .' | | ..'| |/ | | './ | | | .-. || |/| ' |...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2011/10/22 12:0 a.m.12 views

Google Chrome - Killing Thread (PoC)

Google Chrome - Killing Thread PoC -' pigtail23 -' -' www.remoteshell.de -.OO .- OO.- OO .-/ | '-' | | | | | | | | |'-| |'| |\ -' / --' --' -----' --' --' --' --' -----' ------' ---'' October 22, 2011 Ohh nice! What u doing google? Thx 4 ur bug! 0o Google Chrome PoC, killing thread. Exploitable o...

0.1AI score
Exploits0
Rows per page
Query Builder