Lucene search
+L

13 matches found

Ubuntu
Ubuntu
added 2022/12/01 1:8 a.m.53 views

USN-5753-1: snapd vulnerability

The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing the private /tmp mount for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code...

7.8CVSS7.7AI score0.00384EPSS
Exploits2
GithubExploit
GithubExploit
added 2022/06/24 11:50 a.m.294 views

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo Baron Samed...

7.8CVSS8.7AI score0.99295EPSS
Exploits81
Qualys Blog
Qualys Blog
added 2022/06/21 1:20 a.m.24 views

Defending Against Scheduled Task Attacks in Windows Environments

Scheduling tasks is one of the most popular attack techniques used by threat actors to establish persistence on a victim’s machine. The Qualys Research Team investigated different ways that attackers could use to conceal scheduled tasks. In this blog, we describe three new techniques to hide and...

7.6AI score
Exploits0
GithubExploit
GithubExploit
added 2022/05/26 2:47 a.m.196 views

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 Root shell PoC for CVE-2021-3156 no brutef...

7.8CVSS8.6AI score0.99295EPSS
Exploits81
Qualys Blog
Qualys Blog
added 2022/02/03 7:22 a.m.38 views

Catching the RAT called Agent Tesla

For the last few years, the Qualys Research Team has been observing an infamous "Malware-as-a-service" RAT Remote Access Trojan called Agent Tesla. It first appeared in 2014, and since then many variants have been deployed. This malware uses multiple techniques for evading detection as well as...

0.1AI score
Exploits0
GithubExploit
GithubExploit
added 2022/01/29 7:59 p.m.268 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

PwnKit Vulnerability - Local Privilege Escalation - Title:...

7.8CVSS7.6AI score0.94921EPSS
Exploits152
GithubExploit
GithubExploit
added 2022/01/27 2:27 a.m.498 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

Information Exploit Title: Local Privilege Escalation i...

9CVSS7.3AI score0.94921EPSS
Exploits159
Qualys Blog
Qualys Blog
added 2022/01/17 1:33 p.m.27 views

The Chaos Ransomware Can Be Ravaging

The Qualys Research Team has observed a new version of Chaos ransomware in development. This blog reviews the malware’s updated functionality as well as its ongoing evolution. A ransomware builder called Chaos is still actively under development. The fourth version has recently been observed bein...

7.7AI score
Exploits0
Qualys Blog
Qualys Blog
added 2021/07/20 12:55 p.m.374 views

CVE-2021-33910: Denial of Service (Stack Exhaustion) in systemd (PID 1)

The Qualys Research Team has discovered a stack exhaustion denial-of-service vulnerability in systemd, a near-ubiquitous utility available on major Linux operating systems. Any unprivileged user can exploit this vulnerability to crash systemd and hence the entire operating system a kernel panic...

7.2CVSS0.1AI score0.09729EPSS
Exploits7
GithubExploit
GithubExploit
added 2021/06/25 5:45 a.m.88 views

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 Root shell PoC for CVE-2021-3156 no brutef...

7.8CVSS7.8AI score0.99295EPSS
Exploits81
CERT
CERT
added 2021/02/04 12:0 a.m.132 views

Sudo set_cmd() is vulnerable to heap-based buffer overflow

Overview A heap-based overflow has been discovered in the setcmd function in sudo, which may allow a local attacker to execute commands with elevated administrator privileges. Description From the Sudo Main Page: Sudo su "do" allows a system administrator to delegate authority to give certain use...

7.8CVSS8.2AI score0.99295EPSS
Exploits81References3
GithubExploit
GithubExploit
added 2021/02/03 7:57 p.m.153 views

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 Root shell PoC for CVE-2021-3156 no brutef...

7.8CVSS7.8AI score0.99295EPSS
Exploits81
Qualys Blog
Qualys Blog
added 2021/01/26 6:9 p.m.1435 views

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)

Update Feb 3, 2021: It has been reported that macOS, AIX, and Solaris are also vulnerable to CVE-2021-3156, and that others may also still be vulnerable. Qualys has not independently verified the exploit. Original Post: The Qualys Research Team has discovered a heap overflow vulnerability in sudo...

7.2CVSS0.4AI score0.99295EPSS
Exploits81
Rows per page
Query Builder