64 matches found

RedhatCVE
added 2025/02/05 7:47 p.m. · 7 views

CVE-2022-40529

Memory corruption due to improper access control in kernel while processing a mapping request from root process...

7.8 CVSS · 7 AI score · 0.00095 EPSS
Exploits: 0 · References: 1

OSV
added 2024/03/06 11:9 a.m. · 17 views

BIT-WILDFLY-2020-14317

It was found that the issue for security flaw CVE-2019-3805 appeared again in a further version of JBoss Enterprise Application Platform - Continuous Delivery EAP-CD introducing regression. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script ...

5.5 CVSS · 5 AI score · 0.00192 EPSS
Exploits: 0 · References: 1

OSV
added 2023/12/01 11:54 a.m. · 3 views

MGASA-2023-0334 Updated xrdp packages fix security vulnerability

The updated packages fix a security vulnerability: Access to the font glyphs in xrdppainter.c is not bounds-checked. Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The vulnerability allows an out-of-bounds read within a...

6.5 CVSS · 6.2 AI score · 0.0063 EPSS
Exploits: 0 · References: 3

NVD
added 2023/06/06 8:15 a.m. · 19 views

CVE-2022-40529

Memory corruption due to improper access control in kernel while processing a mapping request from root process...

7.8 CVSS · 7.2 AI score · 0.00095 EPSS
Exploits: 0 · References: 1

CNNVD
added 2023/06/06 12:0 a.m. · 3 views

Qualcomm Chipsets security vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from memory corruption due to improper access control in the kernel when handling mapping requests from the root process...

7.8 CVSS · 7.4 AI score · 0.00095 EPSS
Exploits: 0 · References: 2

Positive Technologies
added 2023/06/06 12:0 a.m. · 3 views

PT-2023-13813 · Kernel · Kernel

Name of the Vulnerable Software and Affected Versions: Kernel (affected versions not specified). Description: The issue is related to memory corruption due to improper access control in the kernel when processing a mapping request from the root process. Recommendations: At the moment, there is no...

7.8 CVSS · 7 AI score · 0.00095 EPSS
Exploits: 0 · References: 4

SUSE CVE
added 2023/02/15 3:52 a.m. · 2 views

SUSE CVE-2020-28015

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character...

7.8 CVSS · 7.9 AI score · 0.00379 EPSS
Exploits: 1 · References: 6

SUSE CVE
added 2023/02/15 3:46 a.m. · 1 view

SUSE CVE-2021-21703

In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the...

6.4 CVSS · 8.7 AI score · 0.01337 EPSS
Exploits: 1 · References: 14

OSV
added 2022/02/24 11:10 a.m. · 3 views

CLSA-2022-1645701000 Fix of CVE: CVE-2021-21703

CVE-2021-21703: fix oob R/W in root process leading to privilege escalation...

7.8 CVSS · 6.9 AI score · 0.01337 EPSS
Exploits: 1 · References: 1

OSV
added 2022/02/21 6:9 p.m. · 2 views

CLSA-2022-1645466955 Fix of CVE: CVE-2021-21703

CVE-2021-21703: fix oob R/W in root process leading to privilege escalation...

7.8 CVSS · 6.9 AI score · 0.01337 EPSS
Exploits: 1 · References: 1

OSV
added 2021/06/02 12:15 p.m. · 2 views

CVE-2020-14317

It was found that the issue for security flaw CVE-2019-3805 appeared again in a further version of JBoss Enterprise Application Platform - Continuous Delivery EAP-CD introducing regression. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script ...

5.5 CVSS · 7.1 AI score
Exploits: 0 · References: 1

NVD
added 2021/06/02 12:15 p.m. · 12 views

CVE-2020-14317

It was found that the issue for security flaw CVE-2019-3805 appeared again in a further version of JBoss Enterprise Application Platform - Continuous Delivery EAP-CD introducing regression. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script ...

5.5 CVSS · 0.00192 EPSS
Exploits: 0 · References: 1

CVE
added 2021/06/02 11:27 a.m. · 65 views

CVE-2020-14317

CVE-2020-14317 relates to a regression of CVE-2019-3805 in Red Hat JBoss EAP Continuous Delivery (EAP-CD). The connected documents state that a race/logic flaw around the PID file (/var/run/jboss-eap/) can allow a local attacker to modify the PID file, enabling the init.d script to terminate any ...

5.5 CVSS · 4.5 AI score · 0.00192 EPSS
Exploits: 0 · References: 1 · Affected Software: 2

NVD
added 2021/05/06 1:15 p.m. · 23 views

CVE-2020-28015

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character...

7.8 CVSS · 0.00379 EPSS
Exploits: 1 · References: 1

OSV
added 2021/05/06 1:15 p.m. · 1 view

DEBIAN-CVE-2020-28015

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character...

7.8 CVSS · 7.7 AI score · 0.00379 EPSS
Exploits: 1 · References: 1

OSV
added 2021/05/04 1:30 p.m. · 1 view

UBUNTU-CVE-2020-28015

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character...

7.8 CVSS · 6.9 AI score · 0.00379 EPSS
Exploits: 1 · References: 4

CNNVD
added 2021/05/04 12:0 a.m. · 1 view

Exim security vulnerability

Exim was developed at Cambridge University as a Message Transfer Agent MTA for Unix systems connected to the Internet. A security vulnerability exists in Exim. The vulnerability stems from the fact that recipient addresses can have newline characters, which can be exploited by a local attacker to...

7.8 CVSS · 5.6 AI score · 0.00379 EPSS
Exploits: 1 · References: 8

BDU FSTEC
added 2021/01/14 12:0 a.m. · 2 views

The vulnerability of the nsm DropPrivileges function (from the support/nsm.File.c module in the NFS utilities nfs-utils package) arises from improper assignment of standard privileges. This allows attackers to gain access to confidential data and compromise its integrity.

The vulnerability of the nsm DropPrivileges function from the NFS utility package nfs-utils, file.c section is related to the improper assignment of standard privileges. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to confidential data, compromise its...

10 CVSS · 7.3 AI score · 0.01499 EPSS
Exploits: 0 · References: 14 · Affected Software: 11

Positive Technologies
added 2020/08/04 12:0 a.m. · 3 views

PT-2020-3489 · Canonical +1 · Apport +2

Name of the Vulnerable Software and Affected Versions: apport versions prior to 2.20.1-0ubuntu2.24; apport versions 2.20.9 prior to 2.20.9-0ubuntu7.16; apport versions 2.20.11 prior to 2.20.11-0ubuntu27.6. Description: The issue exists due to insufficient checking of a shared resource's state in the...

7 CVSS · 5.4 AI score · 0.0046 EPSS
Exploits: 2 · References: 24

NVD
added 2019/11/21 4:15 p.m. · 20 views

CVE-2019-17650

An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized code as root by bypassing a security check...

7.8 CVSS · 7.8 AI score · 0.00436 EPSS
Exploits: 0 · References: 2