100 matches found
Astra Linux - уязвимость в linux
A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process...
CPython 安全漏洞
CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has a security vulnerability, which stems from the profiling.sampling module and the asyncio introspection feature. This vulnerability may allow access to addresses within privileged processes during readi...
[SECURITY] Fedora 42 Update: polkit-126-3.fc42.2
polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes...
[SECURITY] Fedora 43 Update: polkit-126-6.fc43.2
polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes...
CVE-2026-2640
During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privileged processes...
[SECURITY] Fedora 44 Update: polkit-127-2.fc44.1
polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes...
EUVD-2026-11365
During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privileged processes...
EUVD-2026-11361
An input validation vulnerability was reported in the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to terminate arbitrary processes with elevated privileges...
CVE-2026-2640
During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privileged processes...
CVE-2026-1717
An input validation vulnerability was reported in the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to terminate arbitrary processes with elevated privileges...
CVE-2026-2640
During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privileged processes...
CVE-2026-2640
CVE-2026-2640 affects Lenovo PC Manager. A local authenticated user could terminate privileged processes. CVSS metrics from Lenovo PSIRT: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (3.1) and CVSS v4.0: AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/SC:N/VI:N/SI:N/VA:H. No explicit root cause, affected component version,...
CVE-2026-2640
During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privileged processes...
CVE-2026-2640
During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privileged processes...
CVE-2026-1717
CVE-2026-1717 affects the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Baiying. An input validation vulnerability allows a local authenticated user to terminate arbitrary processes with elevated privileges. The advisory provides two CVSS assessments: CVSSv3.1 base score 5.5 (LO...
Lenovo PC Manager 安全漏洞
Lenovo PC Manager is a PC management software developed by Lenovo Corporation. There is a security vulnerability in Lenovo PC Manager, which stems from the possibility for locally authenticated users to terminate privileged processes...
[SECURITY] Fedora 43 Update: polkit-126-6.fc43.1
polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes...
Unity Linux 20.1070e Security Update: screen (UTSA-2026-005208)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005208 advisory. Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root...
CVE-2025-41726 Beckhoff: Arbitrary code execution within privileged processes
A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...
CVE-2025-41726 Beckhoff: Arbitrary code execution within privileged processes
A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...