20 matches found
Absolute Secure Access 缓冲区错误漏洞
Absolute Secure Access is an application developed by Absolute Corporation. It provides secure service edge SSE services optimized for mixed and mobile work environments. Versions of Absolute Secure Access prior to 14.50 contained a buffer error vulnerability. This vulnerability could lead to...
CVE-2020-37020 SonarQube 8.3.1 - Unquoted Service Path
SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by exploiting the service executable path. Attackers can replace the wrapper.exe in the service path with a malicious executable to execute code with highest system privileges...
EUVD-2001-0567
Malware in sbrugna...
EUVD-2023-42720
Malicious code in bioql PyPI...
EUVD-2023-30973
Malicious code in bioql PyPI...
EUVD-2021-6972
Malicious code in bioql PyPI...
EUVD-2024-25280
Malicious code in bioql PyPI...
SAMSUNG PackageInstallerCN 安全漏洞
SAMSUNG PackageInstallerCN is a package installer from Samsung South Korea. A security vulnerability exists in SAMSUNG PackageInstallerCN prior to version 15.0.11.0, which stems from mishandling of insufficient privileges, and could allow a local attacker to bypass user interaction for installati...
Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.15 and earlier
Summary This fix upgrades to Node.js 18.19.1. Node.js is used by all IBM Answer Retrieval for Watson Discovery user interfaces. There are two categories of vulnerabilities addressed. The first allows remote attackers to gain access to the system, bypassing security restrictions. The second makes...
SUSE CVE-2004-1151
Multiple buffer overflows in the 1 sys32nisyscall and 2 sys32vm86warning functions in sysia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges...
SUSE-SU-2022:2809-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36557: Fixed a race condition between the VTDISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free bnc1201429. - CVE-2020-36558:...
kernel: timer tree corruption leads to missing wakeup and system freeze
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueueadd function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while runnin...
CVE-2020-10010
A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges...
CVE-2020-9900
An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A local attacker may be able to elevate their privileges...
Broadcom Brocade SANnav Trust Management Issues Vulnerability (CNVD-2019-41467)
Broadcom Brocade SANnav is a suite of SAN management platforms from Broadcom USA. A trust management issue vulnerability exists in Broadcom Brocade SANnav versions prior to 2.0, which stems from the program's use of hard-coded passwords. A local attacker could exploit this vulnerability to access...
The vulnerability of the Mac OS X operating system allows a hacker to bypass password expiration.
The vulnerability of the Screen Lock function in the Mac OS X operating system exists due to improper handling of user profile passwords. Exploiting this vulnerability can allow an intruder acting locally to reset passwords that have expired...
Linux Kernel 2.4.x/2.6.x Bluetooth Signed Buffer Index Vulnerability (4)
No description provided by source. source: http://www.securityfocus.com/bid/12911/info A local signed-buffer-index vulnerability affects the Linux kernel because it fails to securely handle signed values when validating memory indexes. A local attacker may leverage this issue to gain escalated...
[SECURITY] [DSA-385-1] New hztty packages fix buffer overflows
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 385-1 [email protected] http://www.debian.org/security/ Matt Zimmerman September 18th, 2003 http://www.debian.org/security/faq -...
IBM AIX enq buffer overflow in -M argument
Overview There is a buffer overflow in the enq command that may allow a local attacker to gain root privileges. Description The enq command is used to add entries to a queue, usually for printing. There is a buffer overflow in the -M argument to the enq command. --- Impact An attacker with access...
CVE-2001-0588
sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command...