@mdslab/iotronic-lightning-rod (>=2.3.1 <=2.3.6), @servicenow/cli-archetype-dev (>=17.0.2 <=24.0.1) +14 more potentially affected by CVE-2019-10783 via lsof (=0.1.0)

lsof NPM version =0.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on lsof and may be impacted: - @mdslab/iotronic-lightning-rod =2.3.1, =17.0.2, =17.0.2, =17.0.2, =0.1.0, =0.0.2, =0.0.1, =0.2.2, =0.11.0, =0.3.5, =0.0.1, =2.0.9, =2.0.12 and more Sour...

The vulnerability of the file viewing utilities used by lsof processes allows a malicious user to elevate their privileges to the level of the root user.

The vulnerability of the file viewing utilities used by lsof processes arises from buffer overflows. Exploiting this vulnerability can allow an attacker, operating locally, to elevate their privileges to that of a root user...

Android sof elevation of privilege vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. lsof is a component that displays all open file processes. A power lifting vulnerability exists in Android's lsof. A local attacker can exploit the vulnerability with the help of ...

[SECURITY] New version of lsof fixes buffer overflow

We have received reports that the lsof package is distributed in Debian GNU/Linux 2.0 contains a buffer overflow. Using this overflow it is possible for local users to gain root-access. We have fixed this problem in version 4.37-3. We recommend you upgrade your lsof package immediately. wget url...