PT-2020-3774 · Cisco · Cisco Ucs 6400 Series Fabric Interconnects +1

Name of the Vulnerable Software and Affected Versions: Cisco UCS 6400 Series Fabric Interconnects affected versions not specified Cisco UCS Manager Software affected versions not specified Description: The issue is related to the improper handling of CLI command parameters in the local management...

Microsoft .NET Framework Multiple Vulnerabilities (KB4570506)

This host is missing an important security update according to Microsoft KB4570506 Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

CVE-2020-0257

In SpecializeCommon of comandroidinternalosZygote.cpp, there is a permissions bypass due to an incomplete cleanup. This could lead to local escalation of privilege in isolated processes with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

Input validation

In SpecializeCommon of comandroidinternalosZygote.cpp, there is a permissions bypass due to an incomplete cleanup. This could lead to local escalation of privilege in isolated processes with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2020-14979

The WinRing0.sys and WinRing0x64.sys drivers 1.2.0 in EVGA Precision X1 through 1.0.6 allow local users, including low integrity processes, to read and write to arbitrary memory locations. This allows any user to gain NT AUTHORITY\SYSTEM privileges by mapping \Device\PhysicalMemory into the calli...

Prometheus Blackbox Exporter Code Issue Vulnerability

Prometheus Blackbox Exporter is a blackbox exporter released by the Linux Foundation in the United States that allows blackbox probing of endpoints over HTTP, HTTPS, DNS, TCP and ICMP. A code issue vulnerability exists in Prometheus Blackbox Exporter 0.17.0 and earlier versions. The vulnerability...

Sandbox Restrictions Bypass

firefox is vulnerable to sandbox restrictions bypass. The content processes did not sufficiently lockdown access control which could result in a sandbox escape...

DLInjector-GUI - DLL Injector Graphical User Interface

DLInjector for Graphical User Interface. Faster DLL Injector for processes. It targets the process name to identify the target. The process does not need to be open to define the target. DLInjector waits until the process executed. USAGE DLInjector usage a very simple. Firstly, enter the target...

ASB-A-156741968

In SpecializeCommon of comandroidinternalosZygote.cpp, there is a permissions bypass due to an incomplete cleanup. This could lead to local escalation of privilege in isolated processes with no additional execution privileges needed. User interaction is not needed for exploitation...

OSV-2020-1441 Heap-buffer-overflow in void apply_sao_internal<unsigned short>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21935 Crash type: Heap-buffer-overflow READ 1 Crash state: void applysaointernal void applysao threadtasksao::work...

[SECURITY] Fedora 31 Update: bashtop-0.9.24-1.fc31

Resource monitor written in Bash that shows usage and stats for processor, memory, disks, network and processes...

Security Bulletin: CVE-2020-4260 Secure properties can be revealed using a generic process

Summary IBM UrbanCode Deploy UCD could allow a user with special permissions to obtain sensitive information via generic processes. Vulnerability Details CVEID: CVE-2020-4260 DESCRIPTION: IBM UrbanCode Deploy UCD could allow a user with special permissions to obtain sensitive information via...

Security Bulletin: CVE-2020-4260 SOME SECURE PROPERTIES CAN BE REVEALED VIA GENERIC PROCESSES

Summary CVE-2020-4260 SECURE PROPERTIES CAN BE REVEALED VIA GENERIC PROCESSES. Some secure properties can be revealed through a specially configured generic processes. Vulnerability Details CVEID: CVE-2020-4260 DESCRIPTION: IBM UrbanCode Deploy UCD 7.0.5 could allow a user with special permission...

[SECURITY] Fedora 32 Update: bashtop-0.9.24-1.fc32

Resource monitor written in Bash that shows usage and stats for processor, memory, disks, network and processes...

Microsoft Windows/Windows Server Elevation of Privilege Vulnerability (CNVD-2021-90802)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, an operating system for personal devices, and Microsoft Windows Server, a server operating system. An elevation of privilege vulnerability exists in Microsoft Windows/Windows Server, which stems from a...

Fedora: Security Advisory for bashtop (FEDORA-2020-ff38f3a401)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Graceful Logoff from a Published Application Renders the Session in Active State

Graceful logoffs from a published application launched in a seamless, fixed window, or as an RDP Initial Program, might result in the session not closing and the user being logged off. Sessions can be reset or exited correctly by manually resetting them, or by terminating remnant user processes i...

Graceful Logoff from a Published Application Renders the Session in Active State

Graceful logoffs from a published application launched in a seamless, fixed window, or as an RDP Initial Program, might result in the session not closing and the user being logged off. Sessions can be reset or exited correctly by manually resetting them, or by terminating remnant user processes i...

hw: Vector Register Data Sampling

A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read...

cri-o: infra container reparented to systemd following OOM Killer killing it's conmon

A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management conmon processes being killed if a workload process triggers an out-of-memory OOM condition for the cgroup. An attacker could abuse this flaw to get...