101 matches found
The vulnerability in the socket implementation of Azure Sphere’s operating system allows a hacker to execute arbitrary code. [source-iocs-preserved const=AF_AZSPIO]
The vulnerability of the socket implementation in Azure Sphere’s operating system is related to a memory reclamation error. Exploiting this vulnerability could allow an attacker to execute arbitrary code. source-iocs-preserved const=AFAZSPIO...
FreeBSD Buffer Overflow Vulnerability (CNVD-2020-51503)
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. FreeBSD suffers from a buffer overflow vulnerability that can be exploited by an attacker to trigger a denial of service and code execution via an SCTP socket...
The vulnerability of the /var/run/targetclid.sock component of the targetclid daemon in Linux operating systems allows a hacker to increase their privileges.
The vulnerability of the /var/run/targetclid.sock component of the targetclid daemon in Linux operating systems is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to elevate their privileges to the root level...
CVE-2020-10699
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root...
The vulnerability in the implementation of TCP sockets in Cisco IOS and Cisco IOS XE operating systems allows a hacker to trigger a device reboot and a service failure.
The vulnerability of TCP socket implementations in Cisco IOS and Cisco IOS XE systems is related to state management errors. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot and a service failure by sending specially crafted HTTP packets...
kernel: Use-after-free vulnerability in DCCP socket
A use-after-free vulnerability was found in DCCP socket code affecting the Linux kernel since 2.6.16. This vulnerability could allow an attacker to their escalate privileges...
CVE-2018-0278
A vulnerability in the management console of Cisco Firepower System Software could allow an unauthenticated, remote attacker to access sensitive data about the system. The vulnerability is due to improper cross-origin domain protections for the WebSocket protocol. An attacker could exploit this...
Linux Kernel 4.17-rc1 - AF_LLC Double Free
Linux Kernel 4.17-rc1 - AFLLC Double Free define GNUSOURCE include include include include include include include include include include include include include include include include include include include struct sockaddrllc short sllcfamily; short sllcarphrd; unsigned char sllctest; unsigne...
CVE-2018-8779
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the UNIXServer.open and UNIXSocket.open methods are not checked for null characters. It may be connected to an unintended socket...
The vulnerability of the inet_csk_clone_lock function in the net/ipv4/inet_connection_sock.c module of the Linux operating system, which allows a hacker to cause a service failure.
The vulnerability of the inetcskclonelock function in the net/ipv4/inetconnectionsock.c module of the Linux operating system is related to a memory reclamation error. Exploiting this vulnerability could allow an attacker to cause a service failure through a remote action...
Linux Kernel 'crypto/mcryptd.c' Denial of Service Vulnerability
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the crypto/mcryptd.c file in versions of Linux kernel prior to 4.8.15. A local attacker can exploit this vulnerability to cause a denial of...
SolidWorks-Workgroup-PDM-2014
Title: SolidWorks Workgroup PDM 2014 SP2 Arbitrary File Write Vulnerability Date: 2-21-2014 Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.solidworks.com/sw/products/product-data-management/workgroup-pdm.htm Tested on: Windows 7 Vulnerability type: Arbitrary...
CVE-2016-2550
The Linux kernel before 4.5 allows local users to bypass file-descriptor limits and cause a denial of service memory consumption by leveraging incorrect tracking of descriptor ownership and sending each descriptor over a UNIX socket before closing it. NOTE: this vulnerability exists because of an...
CVE-2015-6937
The rdsconncreate function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by using a socket that was not properly bound...
Null pointer dereference
The rdsconncreate function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by using a socket that was not properly bound...
RHEL 7 : docker (RHSA-2014:0820)
An updated docker package that fixes one security issue is now available for Red Hat Enterprise Linux 7 Extras. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CVE-2014-4943
The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket...
Important: Red Hat Security Advisory: docker security update
An updated docker package that fixes one security issue is now available for Red Hat Enterprise Linux 7 Extras. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Crush FTP 5 'APPE' command Remote JVM BSOD PoC Exploit
No description provided by source. Exploit Title: Crush FTP 5 'APPE' command Remote BSOD Poc Exploit Date: 06/09/2011 Author: BSOD Digital Fabien DROMAS Mail: [email protected] Test: OS: Windows 7 Versions: 5.7.096 Link: https://www.crushftp.com/early5/CrushFTP5PC.zip !/usr/bin/env python...
APSIS Pound 1.5 - Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10267/info APSIS Pound has been found to be prone to a remote format string vulnerability. The problem presents itself when Pound handles certain requests containing embedded format string specifiers. Ultimately this...