2285 matches found
CVE-2017-11063
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, as a result of a race condition between two userspace processes that interact with the driver concurrently, a null pointer dereference can potentially occur...
P3Scan Design Vulnerabilities
P3Scan is a proxy server for email that scans for worms, Trojans and other malicious emails. A security vulnerability exists in daemon in P3Scan 3.0rc1 and earlier versions, which stems from the creation of the p3scan.pid file after the program has downgraded an account to non-root privileges. A...
Huawei FusionCompute Denial of Service Vulnerability
Huawei FusionCompute is an enterprise-grade, open server virtualization solution from Huawei, China, based on the Xen open source design. The solution provides automation, advanced integration and management capabilities for virtualized data centers. A denial of service vulnerability exists in...
CVE-2016-5868
drivers/net/ethernet/msm/rndisipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process...
The vulnerability of the rzpnk.sys driver, a IOCTL handler for configuring a cloud-based system, allows a hacker to open a descriptor for arbitrary processes.
The vulnerability of the rzpnk.sys driver, a IOCTL handler for configuring a cloud-based system, is related to deficiencies in access control for the ZwOpenProcess procedure. Exploiting this vulnerability allows a malicious actor to open a descriptor for an arbitrary process remotely...
CVE-2017-14681
The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill cat...
Command injection
The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill cat...
CVE-2017-14681
The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill cat...
CVE-2017-14681
Removed by vendor...
Kannel Privilege Escalation Vulnerability
Kannel is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:kannel:kannel"; if...
CVE-2017-14609
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname"...
CVE-2017-14610
bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root scrip...
CVE-2017-14609
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname"...
CVE-2017-14610
bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root scrip...
Command injection
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname"...
CVE-2017-14609
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname"...
CVE-2017-14609
The server daemons in Kannel 1.5.0 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname"...
CVE-2017-14610
bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 and earlier create a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root scrip...
CVE-2017-14609
CVE-2017-14609 affects Kannel 1.5.0 and earlier. The vulnerability stems from a daemon that creates a PID file after dropping privileges to a non-root account, potentially enabling local users to terminate arbitrary processes by modifying the non-root account’s PID file before a root script runs ...
CVE-2017-14610
Removed by vendor...