26 matches found
sudo: LPE via host option
A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option -h or --host. When using the default sudo security policy plugin sudoers, the host option is intended to be used in conjunction with t...
sudo: LPE via host option
A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option -h or --host. When using the default sudo security policy plugin sudoers, the host option is intended to be used in conjunction with t...
sudo: LPE via host option
A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option -h or --host. When using the default sudo security policy plugin sudoers, the host option is intended to be used in conjunction with t...
sudo: LPE via host option
A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option -h or --host. When using the default sudo security policy plugin sudoers, the host option is intended to be used in conjunction with t...
sudo: LPE via host option
A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option -h or --host. When using the default sudo security policy plugin sudoers, the host option is intended to be used in conjunction with t...
sudo: LPE via host option
A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option -h or --host. When using the default sudo security policy plugin sudoers, the host option is intended to be used in conjunction with t...
CVE-2022-30759
In Nokia One-NDS aka Network Directory Server through 20.9, some Sudo permissions can be exploited by some users to escalate to root privileges and execute arbitrary commands...
CVE-2022-30759
In Nokia One-NDS aka Network Directory Server through 20.9, some Sudo permissions can be exploited by some users to escalate to root privileges and execute arbitrary commands...
MS15-046: Description of the security update for Word 2013: May 12, 2015
Describes an update that resolves vulnerabilities in Microsoft Office that could allow remote code execution when an Office file that is located in the same network directory as a specially crafted library file is opened.IntroductionThis update resolves vulnerabilities in Microsoft Office that...
MS15-033: Description of the security update for Word 2013: April 14, 2015
Describes an update that resolves vulnerabilities in Microsoft Office that could allow remote code execution when an Office file that is located in the same network directory as a specially crafted library file is opened.IntroductionThis update resolves vulnerabilities in Microsoft Office that...
MS15-022: Description of the security update for Word 2013: March 10, 2015
Resolves vulnerabilities in Microsoft Office that could allow remote code execution when an Office file that is located in the same network directory as a specially crafted library file is opened.View products that this article applies to.IntroductionThis update resolves vulnerabilities in...
MS15-022: Description of the security update for Office 2013: March 10, 2015
Resolves vulnerabilities in Microsoft Office that could allow remote code execution when an Office file that is located in the same network directory as a specially crafted library file is opened.IntroductionThis update resolves vulnerabilities in Microsoft Office that could allow remote code...
CVE-2017-2381
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "sudo" component. It allows remote authenticated users to gain privileges by leveraging membership in the admin group on a network directory server...
CVE-2017-2381
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "sudo" component. It allows remote authenticated users to gain privileges by leveraging membership in the admin group on a network directory server...
MS14-023: Description of the security update for Office 2013: May 13, 2014
Resolves vulnerabilities in Microsoft Office that could allow remote code execution when an Office file that is located in the same network directory as a specially crafted library file is opened.View products that this article applies to.IntroductionThis update resolves vulnerabilities in...
Microsoft PowerPoint Insecure Library Loading (MS11-094; CVE-2011-3396)
A remote code execution vulnerability has been reported in Microsoft PowerPoint. The vulnerability is due to an error in the way Microsoft PowerPoint restricts the path used for loading external libraries. A remote attacker could exploit this vulnerability by enticing a user to open a legitimate...
MS11-075: Vulnerability in Microsoft Active Accessibility could allow remote code execution: October 11, 2011
Resolves a vulnerability in the Microsoft Active Accessibility component that could allow remote code execution if an attacker convinces a user to open a legitimate file that is located in the same network directory as a specially crafted dynamic link library DLL file.INTRODUCTIONMicrosoft has...
Firefox sensor.dll Insecure Library Loading
Added: 09/13/2011 CVE: CVE-2011-2980 BID: 49217 OSVDB: 74583 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A library loading vulnerability in Mozilla Firefox and Thunderbird allows arbitrary command execution when a user...
Firefox sensor.dll Insecure Library Loading
Added: 09/13/2011 CVE: CVE-2011-2980 BID: 49217 OSVDB: 74583 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A library loading vulnerability in Mozilla Firefox and Thunderbird allows arbitrary command execution when a user...
Firefox sensor.dll Insecure Library Loading
Added: 09/13/2011 CVE: CVE-2011-2980 BID: 49217 OSVDB: 74583 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A library loading vulnerability in Mozilla Firefox and Thunderbird allows arbitrary command execution when a user...