CVE-2020-0030

In binderthreadrelease of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2020-8894

An issue was discovered in MISP before 2.4.121. ACLs for discussion threads were mishandled in app/Controller/ThreadsController.php and app/Model/Thread.php...

Unspecified vulnerability in MISP (CNVD-2020-16092)

MISP is an open source software solution. The product is used to collect, store, distribute and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A security vulnerability exists in MISP versions prior to 2.4.121, which stems from the...

[SECURITY] Fedora 31 Update: libasr-1.0.4-1.fc31

Libasr allows to run DNS queries and perform hostname resolutions in a fully asynchronous fashion. The implementation is thread-less, fork-less, and doe s not make use of signals or other "tricks" that might get in the developer's way. The API was initially developed for the OpenBSD operating...

Fedora: Security Advisory for libasr (FEDORA-2020-270ef80e9e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-19241

In the Linux kernel before 5.4.2, the iouring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to fs/io-wq.c, fs/iouring.c, and net/socket.c. For example, an attacker can bypass intended restrictions on adding an IPv4 address to...

[SECURITY] Fedora 30 Update: heimdal-7.7.0-2.fc30

Kerberos 5 is a network authentication and single sign-on system. Heimdal is a free Kerberos 5 implementation without export restrictions written from the spec rfc1510 and successors including advanced features like thread safety, IPv6, master-slave replication of Kerberos Key Distribution Center...

[SECURITY] Fedora 31 Update: heimdal-7.7.0-2.fc31

Kerberos 5 is a network authentication and single sign-on system. Heimdal is a free Kerberos 5 implementation without export restrictions written from the spec rfc1510 and successors including advanced features like thread safety, IPv6, master-slave replication of Kerberos Key Distribution Center...

Clario: Account Takeover because of the mis-configuration on the Password Reset Page

Summary https://api.account.opendoor.ltd has no rate-limit on the password reset's verification page. By this, I can take over any account. All I need to know is victim's email address. Step to reproduce 1. There is an endpoint - POST /v1/verification-code/forgot-password which will take POST dat...

CVE-2014-0245

It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SOAP messages take long to execute, it was possible for an unauthenticated remote attacker to gain...

Information disclosure

It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SOAP messages take long to execute, it was possible for an unauthenticated remote attacker to gain...

CVE-2014-0245

It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SOAP messages take long to execute, it was possible for an unauthenticated remote attacker to gain...

CVE-2014-0245

The CVE-2014-0245 issue affects GateIn WSRP’s GTNSubjectCreatingInterceptor in gatein-wsrp, where non-thread-safe handling under high concurrency can allow an unauthenticated remote attacker to disclose privileged information when WS-Security is enabled for the WSRP Consumer, for a specific endpo...

Findomain v0.9.3 - The Fastest And Cross-Platform Subdomain Enumerator

The fastest and cross-platform subdomain enumerator. What Findomain can do? It table gives you a idea why you should use findomain and what it can do for you. The domain used for the test was aol.com in the following BlackArch virtual machine: Host: KVM/QEMU Standard PC i440FX + PIIX, 1996...

CVE-2012-2312

An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated...

DEBIAN-CVE-2019-19241

In the Linux kernel before 5.4.2, the iouring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to fs/io-wq.c, fs/iouring.c, and net/socket.c. For example, an attacker can bypass intended restrictions on adding an IPv4 address to...

Design/Logic Flaw

In the Linux kernel before 5.4.2, the iouring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to fs/io-wq.c, fs/iouring.c, and net/socket.c. For example, an attacker can bypass intended restrictions on adding an IPv4 address to...

CVE-2019-19241

In the Linux kernel before 5.4.2, the iouring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to fs/io-wq.c, fs/iouring.c, and net/socket.c. For example, an attacker can bypass intended restrictions on adding an IPv4 address to...

Linux sendmsg() Privilege Escalation

Linux: privilege escalation via iouring offload of sendmsg onto kernel thread with kernel creds Since commit 0fa03c624d8f "iouring: add support for sendmsg", first in v5.3, iouring has support for asynchronously calling sendmsg. Unprivileged userspace tasks can submit IORINGOPSENDMSG submission...

Linux 5.3 - Privilege Escalation via io_uring Offload of sendmsg() onto Kernel Thread with Kernel Creds

Linux 5.3 - Privilege Escalation via iouring Offload of sendmsg onto Kernel Thread with Kernel Creds Since commit 0fa03c624d8f "iouring: add support for sendmsg", first in v5.3, iouring has support for asynchronously calling sendmsg. Unprivileged userspace tasks can submit IORINGOPSENDMSG...