17 matches found
BIT-PYTHON-MIN-2022-42919
Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...
BIT-PYTHON-2022-42919
Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...
Exploit for Incorrect Comparison in Dynamic-Linq Linq
Dynamic Linq injection to RCE - CVE-2023-32571 About Dynami...
Privilege Escalation
python3.10 is vulnerable to privilege escalation. The vulnerability exists because the multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine which...
Important: Red Hat Security Advisory: python3.9 security update
An update for python3.9 is now available for Red Hat Enterprise Linux 9 and Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...
Important: Red Hat Security Advisory: python39:3.9 security update
An update for the python39:3.9 module is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.4 Extended Update Support, and Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
CentOS 8 : python39:3.9 (CESA-2022:8492)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:8492 advisory. - python: local privilege escalation via the multiprocessing forkserver start method (CVE-2022-42919) Note that Nessus has not tested for this issue but has inste...
OESA-2022-2097 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...
CVE-2022-42919
Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...
PSF-2022-9 Linux specific local privilege escalation via the multiprocessing forkserver start method
Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...
Ubuntu 22.04 LTS : Python vulnerability (USN-5713-1)
The remote Ubuntu 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5713-1 advisory. Devin Jeanpierre discovered that Python incorrectly handled sockets when the multiprocessing module was being used. A local attacker could possibly use this issue...
Apple Mac OSX iOS - Double-Delete IOHIDEventQueue::start Code Execution
Apple Mac OSX iOS - Double-Delete IOHIDEventQueue::start Code Execution Source: https://code.google.com/p/google-security-research/issues/detail?id=542 The IOHIDLibUserClient allows us to create and manage IOHIDEventQueues corresponding to available HID devices. Here is the ::start method, which...
Apple Mac OSX / iOS - Double-Delete IOHIDEventQueue::start Code Execution
Source: https://code.google.com/p/google-security-research/issues/detail?id=542 The IOHIDLibUserClient allows us to create and manage IOHIDEventQueues corresponding to available HID devices. Here is the ::start method, which can be reached via the IOHIDLibUserClient::startQueue external method:...
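SkyFex Client ActiveX Control 'start' Method Buffer Overflow Vulnerability
SkyFex Client is remote desktop control software. The ActiveX control included in SkyFex Client contains a buffer overflow that remote attackers can exploit to execute arbitrary instructions with the privileges of the application process. The ActiveX control lacks proper bounds checking in the "start" method; by building a malicious web page and luring a user into visiting it, an attacker can trigger the buffer overflow, and carefully crafted submitted data may execute arbitrary instructions with the privileges of the application process. SkyFex SkyFex Client 1.0.2.77 Vendor solution ---------- No solution is currently available: https://skyfex.com/ SkyFex Client 1.0 "Start" Method Remote Stack...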
CVE-2007-6605
Buffer overflow in a certain ActiveX control in SkyFexClient.ocx 1.0.2.77 in SkyFex Client 1.0 allows remote attackers to execute arbitrary code via long strings in the first four arguments to the Start method...
skyfex-dos.txt
----------------------------------------------------------------------------- SkyFex Client 1.0 "Start" Method Remote Stack Overflow url: https://skyfex.com/ Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org Technical details: File: SkyFexClient.ocx Ver.: 1.0.2.77...
SkyFex Client 1.0 - ActiveX 'Start()' Method Remote Stack Overflow
----------------------------------------------------------------------------- SkyFex Client 1.0 "Start" Method Remote Stack Overflow url: https://skyfex.com/ Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org Technical details: File: SkyFexClient.ocx Ver.: 1.0.2.77...