CVE-2018-1000200

The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory OOM killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exitmmap, which calls munlockvmapagesall for mlocked vmas.This can happen...

CVE-2018-1000200

The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory OOM killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exitmmap, which calls munlockvmapagesall for mlocked vmas.This can happen...

CVE-2018-1000200

The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory OOM killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exitmmap, which calls munlockvmapagesall for mlocked vmas.This can happen...

CVE-2018-1000200

The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory OOM killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exitmmap, which calls munlockvmapagesall for mlocked vmas.This can happen...

Arbitrary file deletion

The Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to the burp account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script sends a SIGKILL...

CVE-2017-18284

The Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to the burp account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script sends a SIGKILL...

CVE-2017-18284

The CVE-2017-18284 entry concerns Gentoo app-backup/burp prior to version 2.1.32, where the PID file directory is owned by the burp user. This may allow a local attacker with access to the burp account to modify the PID file and terminate arbitrary processes before a root script issues a SIGKILL....

CVE-2017-18284

The Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to the burp account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script sends a SIGKILL...

[SECURITY] Fedora 28 Update: procps-ng-3.3.12-2.fc28

The procps package contains a set of system utilities that provide system information. Procps includes ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch and pwdx. The ps command displays a snapshot of running processes. The top command provides a repetitive update of the...

openSUSE: Security Advisory for php5 (openSUSE-SU-2018:1317-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLES11 Security Update : php53 (SUSE-SU-2018:1294-1)

This update for php53 fixes the following issues: Security issues fixed : - CVE-2018-10545: Fix access controls in FPM child processes bsc1091367. - CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages bsc1091362. - CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c...

CVE-2017-6021

In Schneider Electric ClearSCADA 2014 R1 build 75.5210 and prior, 2014 R1.1 build 75.5387 and prior, 2015 R1 build 76.5648 and prior, and 2015 R2 build 77.5882 and prior, an attacker with network access to the ClearSCADA server can send specially crafted sequences of commands and data packets to...

openSUSE Security Update : php7 (openSUSE-2018-441)

This update for php7 fixes the following issues : Security issues fixed : - CVE-2018-10545: Fix access controls in FPM child processes bsc1091367. - CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages bsc1091362. - CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c...

CVE-2018-10962

An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPCSafe.exe, 2345SafeTray.exe, and 2345Speedup.exe allow local users to bypass intended process protections, and consequently terminate processes, because mouseevent is not properly considered...

Design/Logic Flaw

An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPCSafe.exe, 2345SafeTray.exe, and 2345Speedup.exe allow local users to bypass intended process protections, and consequently terminate processes, because mouseevent is not properly considered...

CVE-2018-10962

An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPCSafe.exe, 2345SafeTray.exe, and 2345Speedup.exe allow local users to bypass intended process protections, and consequently terminate processes, because mouseevent is not properly considered...

CVE-2018-10962

An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPCSafe.exe, 2345SafeTray.exe, and 2345Speedup.exe allow local users to bypass intended process protections, and consequently terminate processes, because mouseevent is not properly considered...

John Summers Q&A - Evanta Global CIO Executive Summit

Akamai's John Summers, VP & CTO, spoke at the recent Evanta Global CIO Executive Summit, a gathering of 75 major organization CIOs. His session was titled, "Cloud Security - Adopt Zero Trust and Put Asset-Level Safeguards in Place." Here are some of the key questions he addressed. How do you...

CVE-2017-2611

Jenkins before versions 2.44, 2.32.2 is vulnerable to an insufficient permission check for periodic processes SECURITY-389. The URLs /workspaceCleanup and /fingerprintCleanup did not perform permission checks, allowing users with read access to Jenkins to trigger these background processes that a...

CVE-2017-2611

Jenkins before versions 2.44, 2.32.2 is vulnerable to an insufficient permission check for periodic processes SECURITY-389. The URLs /workspaceCleanup and /fingerprintCleanup did not perform permission checks, allowing users with read access to Jenkins to trigger these background processes that a...