31 matches found
DEBIAN-CVE-2020-35512
A use-after-free flaw was found in D-Bus Development branch = 1.13.16, dbus-1.12.x stable branch = 1.12.18, and dbus-1.10.x and older branches = 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in...
UBUNTU-CVE-2020-35512
A use-after-free flaw was found in D-Bus Development branch = 1.13.16, dbus-1.12.x stable branch = 1.12.18, and dbus-1.10.x and older branches = 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in...
Unspecified vulnerability in cPanel (CNVD-2019-27409)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions of cPanel prior to 58.0.4, which stems from the fact that the program does not proper...
CVE-2016-10843
cPanel before 11.54.0.4 allows code execution in the context of shared users via JSON-API SEC-76...
cPanel Input Validation Error Vulnerability (CNVD-2019-26370)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An input validation error vulnerability exists in versions of cPanel prior to 78.0.2. The vulnerability stems from a web-based...
Adups Local Information Disclosure Vulnerability
Adups Fota is a professional wireless upgrade solution for IoT devices smart car, wearable, home, VR, etc. from Shanghai Guangsheng Information Technology Co. Adups suffers from a local information disclosure vulnerability. The vulnerability is caused by the AndroidManifest.xml file of the...
ownCloud Server Information Disclosure Vulnerability (CNVD-2016-00189)
OwnCloud is a free and open source personal cloud storage solution from German company OwnCloud, which provides file management, music storage, calendaring, etc. OwnCloud Server is a server version. A security vulnerability exists in ownCloud Server that stems from a failure of the program to...
Microsoft Fixes ASLR/DEP Bypass Bug
Buried in the details of the Microsoft Patch Tuesday release for August is the explanation of an important change that the company made to Windows that defeats a group of exploit mitigation bypasses. The change is a small one, but it prevents dangerous attacks that previously worked on most...
openssh-server Forced Command Handling Information Disclosure Vulnerability
The authparseoptions function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorizedkeys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user accoun...
Design/Logic Flaw
The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an application's installation time, which allows remote user-assisted...
PT-1999-1189 · Unix · Unix
Name of the Vulnerable Software and Affected Versions: Unix affected versions not specified Description: The issue arises when two or more Unix accounts share the same user ID UID, potentially leading to unauthorized access and privilege escalation. Recommendations: At the moment, there is no...