23 matches found
GHSA-7X3H-RM86-3342 @nyariv/sandboxjs vulnerable to sandbox escape via TOCTOU bug on keys in property accesses
Summary A sandbox escape vulnerabilities due to a mismatch between the key on which the validation is performed and the key used for accessing properties. Details Even though the key used in property accesses b in the code below is annotated as string, this is never enforced:...
EUVD-2019-8363
Malware in sbrugna...
EUVD-2023-58045
Malicious code in bioql PyPI...
Design/Logic Flaw
A time-of-check to time-of-use TOCTOU bug in handling of IOCTL input/output control requests. This TOCTOU bug leads to an out-of-bounds write vulnerability which can be further exploited, allowing an attacker to gain full local privilege escalation on the system.This issue affects Avast/Avg...
CVE-2023-5760
CVE-2023-5760 affects Avast/Avg Antivirus version 23.8. A TOCTOU bug in handling of IOCTL requests enables an out-of-bounds write, enabling a local privilege escalation. Public exploitation details are not provided in the connected documents. No remediation/fix information is listed for Avast/Avg...
CVE-2023-5760 Time-of-check to time-of-use (TOCTOU) bug leads to full local privilege escalation.
A time-of-check to time-of-use TOCTOU bug in handling of IOCTL input/output control requests. This TOCTOU bug leads to an out-of-bounds write vulnerability which can be further exploited, allowing an attacker to gain full local privilege escalation on the system.This issue affects Avast/Avg...
PT-2023-32308 · Avast · Avg/Avast Antivirus
Name of the Vulnerable Software and Affected Versions: Avast/Avg Antivirus version 23.8 Description: A time-of-check to time-of-use TOCTOU bug in handling of IOCTL input/output control requests leads to an out-of-bounds write vulnerability. This can be further exploited, allowing an attacker to...
CVE-2022-22753
A Time-of-Check Time-of-Use bug existed in the Maintenance Updater Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.This bug only affects Firefox on Windows. Other operating systems are unaffected.. This...
Ubuntu: Security Advisory (USN-5321-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5321-3: Firefox regressions
USN-5321-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...
USN-5345-1: Thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, obtain sensitive information, cause undefined...
USN-5321-2: Firefox vulnerabilities
USN-5321-1 fixed vulnerabilities in Firefox. The update didn't include arm64 because of a regression. This update provides the corresponding update for arm64. This update also removes Yandex and Mail.ru as optional search providers in the drop-down search menu. Original advisory details: Multiple...
Ubuntu: Security Advisory (USN-5321-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Misbehaving `HandleLike` implementation can lead to memory safety violation
Unsafe code in ObjectPool has time-of-check to time-of-use TOCTOU bug that can eventually lead to a memory safety violation. ObjectPool and HandlePool implicitly assumes that HandleLike trait methods are pure, i.e., they always return the same value. However, this assumption is unsound since...
CVE-2019-18644
The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug; consequently, symbolic link attacks allow privileged files to be deleted...
Code injection
The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug; consequently, symbolic link attacks allow privileged files to be deleted...
CVE-2019-18644
The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug; consequently, symbolic link attacks allow privileged files to be deleted...
CVE-2019-18644
The CVE-2019-18644 entry describes a TOCTOU vulnerability in the malware scan function of Total Defense Anti-virus 11.5.2.28. The issue allows symbolic link attacks to delete privileged files, i.e., an attacker could exploit the TOCTOU race condition to gain or cause modification/deletion of prot...
WebKit - Universal Cross-Site Scripting due to Synchronous Page Loads
BACKGROUND As lokihardt@ has demonstrated in https://bugs.chromium.org/p/project-zero/issues/detail?id=1121, WebKit's support of the obsolete showModalDialog method gives an attacker the ability to perform synchronous cross-origin page loads. In certain conditions, this might lead to...
Exploit for Improper Input Validation in Apple Mac_Os_X
CVE-2019-8561 Proof of concept exploit for CVE-2019-8561 disc...