CVE-2019-12522

A flaw was found in squid. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leavesuid call. leavesuid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their...

WebKit AudioArray::allocate Data Race / Out-Of-Bounds Access Vulnerability

WebKit: Data race in AudioArray::allocate can lead to OOB access VULNERABILITY DETAILS Source/WebCore/platform/audio/AudioArray.h: void allocateChecked n ... while !isAllocationGood // Initially we try to allocate the exact size, but if it's not aligned // then we'll have to reallocate and from...

CVE-2020-4260

IBM UrbanCode Deploy UCD 7.0.5 could allow a user with special permissions to obtain sensitive information via generic processes. IBM X-Force ID: 175639...

Information disclosure

IBM UrbanCode Deploy UCD 7.0.5 could allow a user with special permissions to obtain sensitive information via generic processes. IBM X-Force ID: 175639...

CVE-2020-7277

Protection mechanism failure in all processes in McAfee Endpoint Security ENS for Windows prior to 10.7.0 April 2020 Update allows local users to stop certain McAfee ENS processes, reducing the protection offered...

CVE-2020-7277 McAfee processes not protected

Protection mechanism failure in all processes in McAfee Endpoint Security ENS for Windows prior to 10.7.0 April 2020 Update allows local users to stop certain McAfee ENS processes, reducing the protection offered...

Ps-Tools - An Advanced Process Monitoring Toolkit For Offensive Operations

Having a good technical understanding of the systems we land on during an engagement is a key condition for deciding what is going to be the next step within an operation. Collecting and analysing data of running processes from compromised systems gives us a wealth of information and helps us to...

Information Disclosure

kernel is vulnerable to information disclosure. The vulnerability exists as /proc/PID/io is world-readable by default. Previously, these files could be read without any further restrictions. A local, unprivileged user could read these files, belonging to other, possibly privileged processes to...

Information Disclosure

kernel is vulnerable to information disclosure. The vulnerability exists as a flaw was found in the AGPGART driver. The agpgenericallocpage and agpgenericallocpages functions did not zero out the memory pages they allocate, which may later be available to user-space processes. This flaw could...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as a flaw was found in the handling of zombie processes. A local user could create processes that would not be properly reaped, possibly causing a denial of service...

Denial Of Service (DoS)

httpd is vulnerable to denial of service DoS. The vulnerability exists as the Apache HTTP Server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and caus...

Avira Operations Free Antivirus Code Injection Vulnerability

Avira Operations Free Antivirus is a suite of antivirus programs from Avira Operations. A security vulnerability exists in Avira Operations Free Antivirus versions prior to 15.0.2004.1825, which stems from a self-protection feature that does not prohibit write operations by external processes. Th...

Update Rollup 6 for System Center 2012 R2 Operations Manager

Update Rollup 6 for System Center 2012 R2 Operations Manager Introduction This article describes the issues that are fixed in Update Rollup 6 for Microsoft System Center 2012 R2 Operations Manager. Additionally, this article contains the installation instructions for Update Rollup 6 for System...

CVE-2017-18671

An issue was discovered on Samsung mobile devices with L5.0/5.1, M6.0, and N7.x software. Intents related to Wi-Fi have incorrect exception handling, leading to a crash of system processes. The Samsung ID is SVE-2017-8389 May 2017...

Code injection

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. An attacker can crash system processes via a Serializable object because of missing exception handling. The Samsung IDs are SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, and SVE-2017-811...

CVE-2017-18659

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. Attackers can crash system processes via a broadcast to AdaptiveDisplayColorService. The Samsung ID is SVE-2017-8290 July 2017...

CVE-2017-18671

The CVE affects Samsung mobile devices running Android L/M/N. Root cause: Wi‑Fi related intents with incorrect exception handling. Consequence: crash of system processes. No exploitation details are provided in the documents. Samsung lists a security update reference (SVE-2017-8389) as context fo...

kernel: powerpc: local user can read vector registers of other users' processes via a Facility Unavailable exception

A flaw in the Linux kernel on the PowerPC platform, was found where a local user can read vector registers of other user processes via a Facility Unavailable exception. An attacker must start a transaction when the FPU operation begins or there is no leakage. Vector registers will become corrupte...

CVE-2020-11587

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and get the content of ETL Processes running on the server...

CVE-2020-11587

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and get the content of ETL Processes running on the server...