2272 matches found
Authorization Bypass
The Linux kernel is vulnerable to authorization bypass. When creating audit records for parameters to executed children processes, an attacker can convince the Linux kernel audit subsystem to create corrupt records, which may allow an attacker to misrepresent or evade logging of executing commands...
Information Disclosure
rhevm-log-collector is vulnerable to information disclosure attacks. The vulnerability exists as the rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive...
Denial Of Service (DoS)
openipmi is vulnerable to denial of service (DoS) attacks. The vulnerability exists as ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products, uses 0666 permissions for its ipmievd.pid...
CVE-2018-16888
It was discovered that systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this fl...
CVE-2018-16888
CVE-2018-16888 affects systemd. When a service runs as an unprivileged user, a local attacker who can write to the service’s PIDFile may trick systemd into killing other services and/or privileged processes. Vulnerable versions are those before v237. Remediation: update systemd to a fixed version...
[SECURITY] Fedora 29 Update: polkit-0.115-4.2.fc29
polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes...
MemITM - Tool To Make In Memory Man In The Middle
The MemITM (Mem In The Middle) tool has been developed in order to easily intercept "messages" in Windows processes memory. We developed a lot of custom memory interception tools in order to capture network messages before encryption, or IPC messages, and to be able to inspect them or alter them ...
PHP 7.2.x < 7.2.4 Dumpable FPM Child Processes
According to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.4. It is, therefore, affected by opcache access controls bypass via dumpable FPM child processes. Note that the scanner has not tested for these issues but has instead relied only on the application...
Microsoft Windows Data Sharing Service Elevation of Privilege Vulnerability (CNVD-2019-16175)
Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows Data Sharing Service is one of the data sharing service components used in it. An elevation of privilege vulnerability exists in Microsoft Windows Data Sharing Service, which ca...
Microsoft Windows Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on...
Denial Of Service (DoS)
libsystemd.so is vulnerable to denial of service. It does not perform any checks on the contents of the PIDFile file of a service, which would allow a local attacker to trick systemd into killing privileged processes by tampering with the PIDFile of a service...
SUSE SLES12 Security Update : php7 (SUSE-SU-2018:1176-1)
This update for php7 fixes the following issues: Security issues fixed : - CVE-2018-10545: Fix access controls in FPM child processes bsc1091367. - CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages bsc1091362. - CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c...
SUSE SLES12 Security Update : php5 (SUSE-SU-2018:1291-1)
This update for php5 fixes the following issues: Security issues fixed : - CVE-2018-10545: Fix access controls in FPM child processes bsc1091367. - CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages bsc1091362. - CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c...
CVE-2018-6337
folly::secureRandom will re-use a buffer between parent and child processes when fork is called. That will result in multiple forked children producing repeat or similar results. This affects HHVM 3.26 prior to 3.26.3 and the folly library between v2017.12.11.00 and v2018.08.09.00...
PT-2018-17487 · Facebook · Folly +1
Name of the Vulnerable Software and Affected Versions: HHVM versions prior to 3.26.3 folly library versions between v2017.12.11.00 and v2018.08.09.00 Description: The issue is related to the folly::secureRandom function, which re-uses a buffer between parent and child processes when fork is calle...
Linux/x86 - Kill All Processes Shellcode (14 bytes)
Exploit Title: Linux/x86 - Kill All Processes Shellcode 14 bytes Exploit Author: strider Vendor Homepage: None Software Link: None Tested on: Debian 9 Stretch i386/ Kali Linux i386 CVE : None Shellcode Length: 14 Description: Linux/x86 kill 9 -1 14 bytes...
The vulnerability of the pgrep function in console-based applications for monitoring and terminating system processes in Props-ng allows an attacker to cause a service failure.
The vulnerability of the pgrep function in console-based applications for monitoring and terminating system processes in Props-ng is related to an error that causes buffer overflows. Exploiting this vulnerability can allow a malicious actor to trigger a service failure through specially crafted...