FreeBSD -- Kernel memory disclosure in freebsd32_ioctl
Problem Description: Due to insufficient initialization of memory copied to userland in the components listed above small amounts of kernel memory may be disclosed to userland processes. Impact: A user who can invoke 32-bit FreeBSD ioctls may be able to read the contents of small portions of kern...
PT-2019-3037 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: The issue is related to an elevation of privilege vulnerability that exists when reparse points are created by sandboxed processes, allowing sandbox escape. This could enable an attacker to...
McAfee Agent 5.6.x < 5.6.1 HF3 Privilege Escalation Vulnerability (SB10288)
The version of McAfee Agent, formerly McAfee ePolicy Orchestrator (ePO) Agent, installed on the remote host is 5.6.x prior to 5.6.1 HF3. It is, therefore, affected by a privilege escalation vulnerability. An authenticated, local administrator can exploit this issue, via carefully constructed file i...
CVE-2019-3592
Privilege escalation vulnerability in McAfee Agent (MA) before 5.6.1 HF3 allows local administrator users to potentially disable some McAfee processes by manipulating the MA directory control and placing a carefully constructed file in the MA directory...
[SECURITY] Fedora 29 Update: qemu-3.0.1-4.fc29
QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system (for example a PC), including a processor and various peripherals. It can be used ...
CVE-2017-9327
Secret data of processes managed by CM is not secured by file permissions...
F5 Networks BIG-IP : iControl REST vulnerability (K22384173)
Undisclosed requests can cause iControl REST processes to crash. The attack can only come from an authenticated user; all roles are capable of performing the attack. Unauthenticated users cannot perform this attack. (CVE-2019-6641) Impact: BIG-IP: When this vulnerability is exploited, the restjavad...
CVE-2019-12817
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected...
Mozilla -- multiple vulnerabilities
Mozilla Foundation reports: CVE-2019-11708: sandbox escape using Prompt:Open Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When...
Debian DLA-1823-1 : linux security update (SACK Panic) (SACK Slowness)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-3846, CVE-2019-10126 huangwen reported multiple buffer overflows in the Marvell wifi mwifiex driver, which a local user could use to cause...
MegaCortex continues trend of targeted ransomware attacks
MegaCortex is a relatively new ransomware family that continues the 2019 trend of threat actors developing ransomware specifically for targeted attacks on enterprises. While GandCrab apparently shut its doors, several other bespoke, artisanal ransomware families have taken its place, including...
CVE-2019-5216
There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156C00E156R2P14T8, Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.156C00E156R1P20T8 and Honor Play smartphones versions earlier than Cornell-AL00A...
Malicious Package
Overview: Version 0.0.3 of angluar-cli contains malicious code as a postinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package attempts to remove files and stop processes related to McAfee...
Design/Logic Flaw
rkt through version 1.30.0 does not isolate processes in containers that are run with rkt enter. Processes run with rkt enter are given all capabilities during stage 2 (the actual environment in which the applications run). Compromised containers could exploit this flaw to access host resources...
Denial Of Service (DoS)
pacemaker is vulnerable to denial of service attacks. Local unauthenticated user can cause a system hang due to insufficient verification inflicted preference of uncontrolled processes...
Hidden Bee: Let’s go down the rabbit hole
Some time ago, we discussed the interesting malware, Hidden Bee. It is a Chinese miner, composed of userland components, as well as of a bootkit part. One of its unique features is a custom format used for some of the high-level elements this format was featured in my recent presentation at SAS...
pacemaker: Insufficient verification inflicted preference of uncontrolled processes can lead to DoS
A flaw was found in pacemaker. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS...
[SECURITY] Fedora 28 Update: qemu-2.11.2-5.fc28
QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system (for example a PC), including a processor and various peripherals. It can be used ...
[SECURITY] Fedora 29 Update: qemu-3.0.1-3.fc29
QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system (for example a PC), including a processor and various peripherals. It can be used ...
EulerOS Virtualization 3.0.1.0 : util-linux (EulerOS-SA-2019-1462)
According to the version of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use thi...