22 matches found
EUVD-1999-0716
Malware in sbrugna...
Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to priviledge escalation [CVE-2022-43915]
Summary IBM App Connect Enterprise Certified Container operands are vulnerable to privilege escalation due to not limiting the unshare command. This bulletin provides patch information to address the reported vulnerability. CVE-2022-43915 Vulnerability Details CVEID:CVE-2022-43915 DESCRIPTION: IB...
Security Bulletin: IBM QRadar WinCollect Agent is vulnerable to priviledge escalation (CVE-2023-26278)
Summary IBM QRadar WinCollect Agent is vulnerable to priviledge escalation. IBM has addressed the relevant vulnerability Vulnerability Details CVEID:CVE-2023-26278 DESCRIPTION: IBM QRadar WinCollect Agent could allow a local authenticated attacker to gain elevated privileges on the system. CVSS...
RHEL 8 : kernel-rt (RHSA-2023:1584)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1584 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
SUSE SLES12 Security Update : kernel (Live Patch 31 for SLE 12 SP5) (SUSE-SU-2023:1653-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1653-1 advisory. This update for the Linux Kernel 4.12.14-122121 fixes several issues. The following security issues were fixed: - CVE-2023-26545: Fixed double...
SUSE SLES15 Security Update : kernel RT (Live Patch 1 for SLE 15 SP4) (SUSE-SU-2023:1576-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1576-1 advisory. This update for the Linux Kernel 5.14.21-150400155 fixes several issues. The following security issues were fixed: - CVE-2023-26545: Fixed doub...
CVE-2023-0266
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRVCTLIOCTLELEMREAD|WRITE32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past...
FreeBSD-SA-22:06.ioctl
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-22:06.ioctl Security Advisory The FreeBSD Project Topic: mpr/mps/mpt driver ioctl heap out-of-bounds write Category: core Module: mpr, mps, mpt Announced:...
CVE-2022-0343 Local Priviledge escalation in Perfetto Dev scripts
A local attacker, as a different local user, may be able to send a HTTP request to 127.0.0.1:10000 after the user typically a developer manually invoked the ./tools/run-dev-server script. It is recommended to upgrade to any version beyond 24.2...
Security Bulletin: IBM Cognos Analytics with Watson 11.2.1 has addressed multiple vulnerabilities
Summary Security vulnerabilities have been addressed in IBM Cognos Analytics with Watson 11.2.1 Vulnerability Details CVEID: CVE-2017-12620 DESCRIPTION: Apache OpenNLP could allow a remote attacker to obtain sensitive information, caused by an XXE attack when loading models or dictionaries that...
SilverStripe Priviledge escalation through cache pollution
In SilverStripe through 4.3.3, there is access escalation for CMS users with limited access through permission cache pollution...
CVE-2018-10900
NetworkManager VPNC plugin (networkmanager-vpnc) before version 1.2.6 is vulnerable to a local privilege-escalation flaw. A newline character in a configuration parameter can inject a Password helper directive into the VPNC configuration, causing NetworkManager to execute arbitrary commands as ro...
CVE-2016-8533
CVE-2016-8533 describes a remote privilege-escalation in HPE Matrix Operating Environment 7.6 (and SIM 7.6 per CNVD) that can be exploited over the network to raise privileges. CVSSv3 score is 8.8 HIGH (network, low privileges required, no user interaction). The root cause is not explicitly detai...
CVE-2016-3823
The secure-session feature in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 mishandles heap pointers, which allows attackers to gain privileges via a crafted application, aka internal bug 28815329...
Pligg 2.0.1 SQL Injection / Command Execution
!/usr/bin/python Exploit Title: Pligg useremail; 62. $subject = $mainsmarty-getconfigvars"PLIGGVisualName".' '.$mainsmarty-getconfigvars"PLIGGPassEmailSubject"; 63. 64. $body = sprintf 65. $mainsmarty-getconfigvars"PLIGGPassEmailPassBody", 66. $mainsmarty-getconfigvars"PLIGGVisualName", 67...
Pligg CMS 2.0.1 - Multiple Vulnerabilities
!/usr/bin/python Exploit Title: Pligg useremail; 62. $subject = $mainsmarty-getconfigvars"PLIGGVisualName".' '.$mainsmarty-getconfigvars"PLIGGPassEmailSubject"; 63. 64. $body = sprintf 65. $mainsmarty-getconfigvars"PLIGGPassEmailPassBody", 66. $mainsmarty-getconfigvars"PLIGGVisualName", 67...
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : pam vulnerabilities (USN-1140-1)
Marcus Granado discovered that PAM incorrectly handled configuration files with non-ASCII usernames. A remote attacker could use this flaw to cause a denial of service, or possibly obtain login access with a different users username. This issue only affected Ubuntu 8.04 LTS. CVE-2009-0887 It was...
The Rat CMS Alpha 2 - download.php Priviledge Escalation
The Rat CMS Alpha 2 - download.php Priviledge Escalation ---------------------------- The Rat Cms Alpha 2 Priviledge Escalation ---------------------------- Autore: x0r Email: [email protected] Download:...
The Rat CMS Alpha 2 - 'download.php' Priviledge Escalation
---------------------------- The Rat Cms Alpha 2 Priviledge Escalation ---------------------------- Autore: x0r Email: [email protected] Download: http://downloads.sourceforge.net/the-rat-cms/trcmsprealpha2.zip?modtime=1174590953&bigmirror=0 ---------------------------- Bug In: /admin/.php So...
smf114-sql.txt
!/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ================================================================================================= This was a priv8 Exploit...