
2272 matches found

OSV
added 2021/02/01 4:15 p.m. | 3 views

UBUNTU-CVE-2021-3283

HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task drivers can access processes associated with other tasks on the same node. Fixed in 0.12.10, and 1.0.3...

7.5 CVSS | 7 AI score | 0.01453 EPSS
Exploits 0 | References 3
UbuntuCve
added 2021/02/01 4:15 p.m. | 21 views

CVE-2021-3283

HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task drivers can access processes associated with other tasks on the same node. Fixed in 0.12.10, and 1.0.3...

7.5 CVSS | 7 AI score | 0.01453 EPSS
Exploits 0 | References 2
Cvelist
added 2021/02/01 3:36 p.m. | 24 views

CVE-2021-3283

HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task drivers can access processes associated with other tasks on the same node. Fixed in 0.12.10, and 1.0.3...

7.7 AI score | 0.01453 EPSS
Exploits 0 | References 1
RedHat Linux
added 2021/02/01 10:38 a.m. | 1 views

flatpak: sandbox escape via spawn portal

A flaw was found in Flatpak. The Flatpak portal D-Bus service passes caller-specified environment variables to non-sandboxed processes on the host system, and in particular to the flatpak run command that is used to launch the new sandbox instance. A malicious or compromised Flatpak app could set...

8.8 CVSS | 6.1 AI score | 0.0057 EPSS
Exploits 0 | References 5
RedHat Linux
added 2021/02/01 10:18 a.m. | 3 views

flatpak: sandbox escape via spawn portal

A flaw was found in Flatpak. The Flatpak portal D-Bus service passes caller-specified environment variables to non-sandboxed processes on the host system, and in particular to the flatpak run command that is used to launch the new sandbox instance. A malicious or compromised Flatpak app could set...

8.8 CVSS | 6.1 AI score | 0.0057 EPSS
Exploits 0 | References 5
RedHat Linux
added 2021/02/01 9:15 a.m. | 3 views

flatpak: sandbox escape via spawn portal

A flaw was found in Flatpak. The Flatpak portal D-Bus service passes caller-specified environment variables to non-sandboxed processes on the host system, and in particular to the flatpak run command that is used to launch the new sandbox instance. A malicious or compromised Flatpak app could set...

8.8 CVSS | 6.1 AI score | 0.0057 EPSS
Exploits 0 | References 5
CNNVD
added 2021/02/01 12:0 a.m. | 4 views

HashiCorp Nomad and Nomad Enterprise up to Security Breach

Hashicorp Nomad and Hashicorp Nomad Enterprise are both products of Hashicorp, Inc. Hashicorp Nomad is a distributed, data center-aware cluster and application scheduler. It supports the deployment of microservices, batch, containerized and non-containerized applications. Hashicorp Nomad Enterprise...

7.5 CVSS | 7.1 AI score | 0.01453 EPSS
Exploits 0 | References 2
Kitploit
added 2021/01/27 8:30 p.m. | 39 views

SharpEDRChecker - Checks Running Processes, Process Metadata, DLLs Loaded Into Your Current Process And The Each DLLs Metadata, Common Install Directories, Installed Services And Each Service Binaries Metadata, Installed Drivers And Each Drivers Metadata, All For The Presence Of Known Defensive Products Such As AV's, EDR's And Logging Tools

New and improved C# Implementation of Invoke-EDRChecker. Checks running processes, process metadata, DLLs loaded into your current process and each DLLs metadata, common install directories, installed services and each service binaries metadata, installed drivers and each drivers metadata, all for...

7.1 AI score
Exploits 0 | References 4
CNVD
added 2021/01/25 12:0 a.m. | 7 views

IBM Planning Analytics Information Disclosure Vulnerability (CNVD-2021-06944)

IBM Planning Analytics is a suite of business planning and analytics solutions from IBM USA. The solution supports automated execution of processes such as business planning, budgeting and analysis. A security vulnerability exists in IBM Planning Analytics version 2.0 that allows web pages to be...

5.5 CVSS | 6.3 AI score | 0.00324 EPSS
Exploits 0 | References 1
Tenable Nessus
added 2021/01/15 12:0 a.m. | 30 views

Debian DSA-4830-1 : flatpak - security update

Simon McVittie discovered a bug in the flatpak-portal service that can allow sandboxed applications to execute arbitrary code on the host system (a sandbox escape). The Flatpak portal D-Bus service (flatpak-portal, also known by its D-Bus service name org.freedesktop.portal.Flatpak) allows apps in a...

8.8 CVSS | 8.4 AI score | 0.0057 EPSS
Exploits 0 | References 4
CNNVD
added 2021/01/13 12:0 a.m. | 1 views

Huawei Smartphone Buffer Error Vulnerability

Huawei Emui is an Android-based mobile operating system from China's Huawei. Honor Magic Ui is an Android-based mobile operating system from China's Honor. A buffer error vulnerability exists in Huawei smartphones, which can be exploited by an attacker to make application processes abnormal...

5.3 CVSS | 6.2 AI score | 0.0072 EPSS
Exploits 0 | References 2
CNNVD
added 2021/01/11 12:0 a.m. | 5 views

Microsoft Skype Authorization Issues Vulnerability

Microsoft Skype is a communication application from Microsoft USA. The program provides video calls and voice calls to other devices over the Internet for computers and mobile devices such as cell phones. A security vulnerability exists in Microsoft Skype through 8.59.0.77 on macOS that allows...

3.3 CVSS | 5.8 AI score | 0.01164 EPSS
Exploits 1 | References 2
IBM Security Bulletins
added 2021/01/06 10:41 p.m. | 7 views

Security Bulletin: Communication between burst buffer processes not properly secured

Summary: The bbProxy and bbServer processes did not properly use SSL send/receive primitives to communicate across the internal networks. Vulnerability Details: Third Party Entry: PSIRT-ADV0023982. DESCRIPTION: Created from Advisory: ADV0023982. CVSS Base score: 5.3. CVSS Vector:...

1.5 AI score
Exploits 0 | Affected Software 1
CNVD
added 2020/12/23 12:0 a.m. | 3 views

Command Execution Vulnerability in Hua An Securities Hui Win pc Software

Hua An Securities Hui Win pc version is a stock financial terminal newly launched by Hua An Securities. Huaan Securities Hui Win pc software has a command execution vulnerability, which can be exploited by attackers to inject executable DLL files into client processes and execute arbitrary...

7.9 AI score
Exploits 0
Gitee
added 2020/12/05 1:22 p.m. | 2 views

pentest-wiki

This repository is an information gathering library for penetration testers and researchers, containing various tools and documentation for gathering information about a target organization. The repository includes scripts and guides for performing whois searches, querying whois databases, and...

6.9 AI score
Exploits 0
VulnCheck KEV
added 2020/11/17 12:0 a.m. | 4 views

VulnCheck KEV: CVE-2021-1905

Multiple Qualcomm Chipsets contain a use after free vulnerability due to improper handling of memory mapping of multiple processes simultaneously...

8.4 CVSS | 7.3 AI score | 0.0115 EPSS
Exploits 0 | References 1
Positive Technologies
added 2020/11/17 12:0 a.m. | 4 views

PT-2020-6443 · Qualcomm · Qualcomm Snapdragon Wearables +7

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto, affected versions not specified; Qualcomm Snapdragon Compute, affected versions not specified; Qualcomm Snapdragon Connectivity, affected versions not specified; Qualcomm Snapdragon Consumer IOT, affected versions not...

8.4 CVSS | 8.1 AI score | 0.0115 EPSS
Exploits 0 | References 8
Tenable Nessus
added 2020/11/13 12:0 a.m. | 24 views

Palo Alto Networks PAN-OS 8.1.x < 8.1.16 / 9.0.x < 9.0.10 / 9.1.x < 9.1.4 / 10.0.x < 10.0.1 Command Injection Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.16 or 9.0.x prior to 9.0.10 or 9.1.x prior to 9.1.4 or 10.0.x prior to 10.0.1. It is, therefore, affected by a vulnerability. - An OS command injection and memory corruption vulnerability in the PAN-OS...

9 CVSS | 7.8 AI score | 0.03226 EPSS
Exploits 0 | References 5
NVD
added 2020/11/12 12:15 a.m. | 14 views

CVE-2020-2000

An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than...

9 CVSS | 7.6 AI score | 0.03226 EPSS
Exploits 0 | References 1
Prion
added 2020/11/12 12:15 a.m. | 14 views

Memory corruption

An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than...

9 CVSS | 7.5 AI score | 0.03226 EPSS
Exploits 0 | References 1 | Affected Software 1