2272 matches found
CVE-2019-14891
A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management (conmon) processes being killed if a workload process triggers an out-of-memory (OOM) condition for the cgroup. An attacker could abuse this flaw to get...
CVE-2010-4177
mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the password of a user connected to the MySQL server in clear text form via the list of running processes...
Windows Certificate Dialog Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete...
CVE-2013-1820
tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service...
CVE-2013-1820
CVE-2013-1820 concerns the tuned daemon (tuned before 2.x) where insecure permissions on tuned’s ktune service allow local users to kill running processes. Multiple sources (NVD entry, Debian/Ubuntu advisories, Red Hat/Nessus plugins) confirm the vulnerability stems from improper access control o...
macOS XNU - Missing Locking in checkdirs_callback() Enables Race with fchdir_common()
On macOS, when a new mount point is created, the kernel uses checkdirs to, as a comment above the function explains: "Scan all active processes to see if any of them have a current or root directory onto which the new filesystem has just been mounted. If so, replace them with the new mount point....
The vulnerability of the ihevcd_parse_sps function (ihevcd_parse_headers.c) in the Android operating system allows a hacker to cause a system failure for critical system processes.
The vulnerability of the ihevcd_parse_sps function (ihevcd_parse_headers.c) in the Android operating system is related to an infinite loop being entered. Exploiting this vulnerability could allow a malicious actor to cause a critical system process to fail remotely...
Video_Converter app denial of service vulnerability
Nextcloud is an open source, self-hosted file synchronization, sharing and communication platform from Nextcloud, Germany. VideoConverter app is a video file format converter. A denial of service vulnerability exists in VideoConverter app version 0.1.0 for Nextcloud, which...
Design/Logic Flaw
The VideoConverter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption) via multiple concurrent conversions because many FFmpeg processes may be running at once. The workload is not queued for serial execution...
Microsoft to Reward Hackers for Finding Bugs in Open Source Election Software
Fair elections are the lifelines of democracy, but in recent years election hacking has become a hot topic worldwide. Whether it's American voting machines during the 2016 presidential election or India's EVMs during 2014 general elections, the integrity, transparency, and security of electronic...
CVE-2019-3805
A flaw was discovered in wildfly that would allow local users who are able to execute the init.d script to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/, allowing the init.d script to terminate any process as root...
Juniper Junos CVE-2019-0060 Denial of Service Vulnerability
Description Juniper Junos is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a process crash, denying service to legitimate users. The following versions of Juniper Junos are affected: Juniper Junos 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 are...
How security orchestration improves detection and response
Working together in perfect harmony like the wind and percussion sections of a symphony orchestra requires both rigorous practice and a skilled conductor. Wouldn’t it be great if our cybersecurity solutions did the same to better protect organizations? The methods and tools used to accomplish thi...
Processes, Logs And Configuration Files Participating in Citrix ADM High Availability
The following processes participate in Citrix ADM HA operations: /usr/local/bin/python /mps/mashbmonit.py This process is run by both nodes. It is responsible for sending and receiving heartbeats and healthchecks. By default, it uses UDP port 5005. The configuration file for this process...
Apple Safari APPLE-SA-2019-9-26-9 Multiple security Vulnerabilities
Description Apple Safari is prone to multiple security vulnerabilities. An attacker may exploit these issues to carry out phishing-style attacks or to obtain sensitive information that may aid in further attacks. Technologies Affected Apple Safari 1.0.0 Apple Safari 1.0.0 Apple Safari...
CVE-2019-3689
In the nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2, the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If...
UBUNTU-CVE-2019-3689
In the nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2, the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If...
kernel: ppc: unrelated processes being able to read/write to each other's virtual memory
A flaw was found in the way the Linux kernel's memory subsystem on certain 64-bit PowerPCs with the hash page table MMU handled memory above 512TB. A local, unprivileged user could use this flaw to escalate their privileges on the system...