Lenovo Solution Center 'LSCTaskService' Local Lift Vulnerability

Lenovo Solution Center is a suite of software from the Chinese company Lenovo that helps users quickly identify the state of system health, network connectivity and overall system security. A local elevation of privilege vulnerability exists in Lenovo Solution Center. A local attacker can exploit...

LXCFS Privilege Acquisition Vulnerability

LXCFS is a suite of user-space filesystem software for solving the Linux kernel's constraints. A security vulnerability exists in the 'dowritepids' function in the lxcfs.c file in versions prior to LXCFS 0.12. Due to the program failing to properly check permissions. A local attacker could exploi...

POP Peeper 4.0.1 - Persistent Code Execution Vulnerability

Document Title: =============== POP Peeper 4.0.1 - Persistent Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1657 Release Date: ============= 2015-11-26 Vulnerability Laboratory ID VL-ID: ====================================...

b374k 3.2.3 2.8 CSRF / Command Injection Vulnerabilities

b374k web shell versions 2.8 and 3.2.3 suffer from a cross site request forgery vulnerability that allows for remote command injection. Vendor: ============================================ github.com/b374k/b374k code.google.com/p/b374k-shell/downloads/list code.google.com/archive/p/b374k-shell/...

Apple OS X Kernel Elevation of Privilege Vulnerability

OS X formerly Mac OS X is the latest version of Apple's proprietary operating system for the Macintosh computer. A security vulnerability in the kernel of Apple OS X versions prior to 10.11.1 can be exploited by a local attacker to elevate privileges via type obfuscation in Mach task handling...

CVE-2015-5932

The kernel in Apple OS X before 10.11.1 allows local users to gain privileges by leveraging an unspecified "type confusion" during Mach task processing...

Type confusion

The kernel in Apple OS X before 10.11.1 allows local users to gain privileges by leveraging an unspecified "type confusion" during Mach task processing...

CVE-2015-5932

The kernel in Apple OS X before 10.11.1 allows local users to gain privileges by leveraging an unspecified "type confusion" during Mach task processing...

Lenovo Caught (3rd Time) Pre-Installing Spyware on its Laptops

Lenovo has once again been caught installing spyware on its laptops and workstations without the user's permission or knowledge. One of the most popular computer manufacturers is being criticized for selling some refurbished laptop models pre-installed with invasive marketing software that sends...

The vulnerability of the Windows operating system allows a perpetrator to circumvent access restrictions to the file system and delete arbitrary files.

The vulnerability of the Windows operating system’s task scheduler is related to deficiencies in access control for certain functions. Exploiting this vulnerability allows a malicious individual to circumvent restrictions on access to the file system and delete arbitrary files...

My Government Doesn't Understand How Encryption and Cyber Security Work

Almost every day or every second day, When I come across various announcements in Newspaper, TV News Channels, and Press releases that... ...Indian Government and related Policy-making organizations are going to set up their so-called "CyberSecurity Task Forces" or drafted a "National Cyber...

Design/Logic Flaw

The processorsettasks API implementation in Apple iOS before 9 allows local users to bypass an entitlement protection mechanism and obtain access to the task ports of arbitrary processes by leveraging root privileges...

Microsoft Windows Task Scheduler - 'DeleteExpiredTaskAfter' File Deletion Privilege Escalation

Source: https://code.google.com/p/google-security-research/issues/detail?id=442 Windows: Task Scheduler DeleteExpiredTaskAfter File Deletion Elevation of Privilege Platform: Windows 8.1 Update, looks like it should work on 7 and 10 as well Class: Elevation of Privilege Summary: The Task Scheduler...

Microsoft Windows Task Scheduler - DeleteExpiredTaskAfter File Deletion Privilege Escalation

Microsoft Windows Task Scheduler - DeleteExpiredTaskAfter File Deletion Privilege Escalation Source: https://code.google.com/p/google-security-research/issues/detail?id=442 Windows: Task Scheduler DeleteExpiredTaskAfter File Deletion Elevation of Privilege Platform: Windows 8.1 Update, looks like...

Microsoft Windows multiple security vulnerabilities

Multiple vulnerabilities in Edge and Internet Explorer, code execution in graphics and journaling, mediascenter, .Net framework, task management, Active Directory, Hyper-V...

Synology Download Station Cross-Site Scripting Vulnerability (CNVD-2015-06011)

Synology Download Station is a set of web-based download applications from Synology. A cross-site scripting vulnerability exists in the 'Create download task via URL' feature in Synology Download Station prior to version 3.5-2967, which can be exploited by remote attackers to inject arbitrary web...

Discuz! X3.1 逻辑错误漏洞

Discuz! X3.1 在完成任务时（home.php?mod=draw&do=view&id=xx），任务先前的状态缺少判断完成任务的链接形如：home.php?mod=draw&do=view&id=xx这个地址最终在 source\class\classtask.php 中被处理约第370行：function draw$id global $G; if!$this-task = C::t'commontask'-fetchbyuid$G'uid', $id showmessage'tasknonexistence'; elseif$this-task'status' != 0...

Microsoft Windows Task Scheduler Elevation of Privilege Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in the Task Scheduler program in Microsoft Windows, which can be exploited by a local attacker to bypass established file system restrictions and delete...

Microsoft Windows Task Manager Elevation of Privilege Vulnerability (CNVD-2015-05975)

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows, which can be exploited by a local attacker to bypass analog level security checks and elevate privileges...

Microsoft Windows Task Management Elevation of Privilege Vulnerability (CNVD-2015-05976)

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows, which can be exploited by a local attacker to bypass analog level security checks and elevate privileges...