Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000963)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000963 advisory. The scmcheckcreds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002383)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002383 advisory. The scmcheckcreds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002000)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002000 advisory. The scmcheckcreds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain...

📄 Microsoft Windows 10 Famille 10.0.19045.5487 Privilege Escalation

Microsoft Windows 10 Famille version 10.0.19045.5487 suffers from a parent PID spoofing privilege escalation vulnerability. ============================================================================================================================================= | Title : Microsoft Windows 10...

EUVD-2013-4194

Malware in sbrugna...

SUSE CVE-2013-4300

The scmcheckcreds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain privileges via PID spoofing...

Ursnif Malware Banks on News Events for Phishing Attacks

Ursnif aka Gozi, Dreambot, ISFB is one of the most widespread banking trojans. It has been observed evolving over the past few years. Ursnif has shown incredible theft capabilities. In 2020 Ursnif rose to prominence becoming one of the top ten most prolific pieces of malware. Among its core...

The Return of Raining SYSTEM Shells with Citrix Workspace app

TL;DR Back in July I documented a new Citrix Workspace vulnerability that allowed attackers to remotely execute arbitrary commands under the SYSTEM account. Well after some further investigation on the initial fix I discovered a new vector that quite frankly should not exist at all since the...

Windows‌ ‌Exploitation‌ ‌Tricks:‌ ‌Spoofing‌ ‌Named‌ ‌Pipe‌ ‌Client‌ ‌PID‌

Posted by James Forshaw, Project Zero While researching the Access Mode Mismatch in IO Manager bug class I came across an interesting feature in named pipes which allows a server to query the connected clients PID. This feature was introduced in Vista and is exposed to servers through the...

CVE-2013-4300

The scmcheckcreds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain privileges via PID spoofing...

DEBIAN-CVE-2013-4300

The scmcheckcreds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain privileges via PID spoofing...

CVE-2013-4300

The scmcheckcreds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain privileges via PID spoofing...

Design/Logic Flaw

The scmcheckcreds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain privileges via PID spoofing...

CVE-2013-4300

The scmcheckcreds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain privileges via PID spoofing...

CVE-2013-4300

CVE-2013-4300 affects the Linux kernel (pre-3.11). The vulnerability arises from a faulty capability check in scm_check_creds() in net/core/scm.c that uses an incorrect namespace, enabling local users to gain privileges via PID spoofing. Impact: local privilege escalation with complete confidenti...

CVE-2013-4300

The scmcheckcreds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain privileges via PID spoofing...

CVE-2013-4300

The scmcheckcreds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain privileges via PID spoofing...

Design/Logic Flaw

kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call...

kernel signal spoofing issue

kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call...

kernel signal spoofing issue

kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call...