CVE-2021-25363

Summary: CVE-2021-25363 describes an improper access control in Samsung’s ActivityManagerService prior to the SMR APR-2021 Release 1, enabling untrusted applications to access running processes and delete local files. Affected scope (from provided sources): Samsung SMR (system patch package) prio...

CVE-2020-14106

The application in the mobile phone can unauthorized access to the list of running processes in the mobile phone, Xiaomi Mobile Phone MIUI 2021.01.26...

CVE-2020-14106

The application in the mobile phone can unauthorized access to the list of running processes in the mobile phone, Xiaomi Mobile Phone MIUI 2021.01.26...

CVE-2020-14106

The application in the mobile phone can unauthorized access to the list of running processes in the mobile phone, Xiaomi Mobile Phone MIUI 2021.01.26...

Xiaomi MIUI 安全漏洞

Xiaomi MIUI is a set of Android-based smartphone operating systems developed by China's Xiaomi Technology Xiaomi. An information disclosure vulnerability exists in Xiaomi Mobile Phone MIUI versions prior to 2021.01.26. The vulnerability can be exploited by an attacker to obtain a list of running...

Watch Out! Mission Critical SAP Applications Are Under Active Attack

Cyber attackers are actively setting their sights on unsecured SAP applications in an attempt to steal information and sabotage critical processes, according to new research. "Observed exploitation could lead in many cases to full control of the unsecured SAP application, bypassing common securit...

Malicious Cyber Activity Targeting Critical SAP Applications

SAP systems running outdated or misconfigured software are exposed to increased risks of malicious attacks. SAP applications help organizations manage critical business processes—such as enterprise resource planning, product lifecycle management, customer relationship management, and supply chain...

LinkedIn Spear-Phishing Campaign Targets Job Hunters

A threat group called Golden Chickens is delivering the fileless backdoor moreeggs through a spear-phishing campaign targeting professionals on LinkedIn with fake job offers, according to researchers at eSentire. The phishing emails try to trick a victim into clicking on a malicious .ZIP file by...

CVE-2020-27935

Multiple issues were addressed with improved logic. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Big Sur 11.0.1, watchOS 7.1, tvOS 14.2. A sandboxed process may be able to circumvent sandbox restrictions...

A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process.

...

CVE-2021-23348

creationtimestamp| type| source ---|---|--- 2021-03-31 03:49:43+00:00| published-proof-of-concept| https://github.com/rrainn/PortProcesses/security/advisories/GHSA-vm67-7vmg-66vm...

CVE-2020-25581

In FreeBSD 12.2-STABLE before r369312, 11.4-STABLE before r369313, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 due to a race condition in the jailremove2 implementation, it may fail to kill some of the processes...

Race condition

In FreeBSD 12.2-STABLE before r369312, 11.4-STABLE before r369313, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 due to a race condition in the jailremove2 implementation, it may fail to kill some of the processes...

CVE-2020-25581

Removed by vendor...

DEBIAN-CVE-2020-35508

A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process...

AZL-6528 CVE-2020-35508 affecting package kernel for versions less than 5.10.78.1-1

A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process...

Cisco Access Point Software Arbitrary Code Execution Vulnerability

A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The vulnerability is due to an improper check that is performed by the area of code that manages system startup processes. An attacker could exploi...

[SECURITY] Fedora 34 Update: libksysguard-5.21.3.1-1.fc34

KSysGuard library provides API to read and manage processes running on the system...

Akamai Launch Cohort 2 of Accelerator Program for Early-Stage Innovations in Water

Akamai Technologies India Pvt. Ltd. has chosen the grantees for Cohort 2 of Accelerator Program for Early-Stage Innovations in Water. The Accelerator Program enables grantees to ideate their technology-based solutions for water conservation. This year, two grantees -- SmartTerra and Jaljeevika --...

USN-4808-1: Tinyproxy vulnerability

It was discovered that Tinyproxy created its pid file with insecure permissions. An attacker could use the vulnerability to cause arbitrary processes to be killed, resulting in a denial of service...