10 matches found
Student-Management-System security vulnerabilities
Student-Management-System is an open-source student information management system developed by Cyber-III. There is a security vulnerability in Student-Management-System, which stems from incorrect operations with the parameter uid in the admin/ file within the Admin Endpoint component. This...
CRMEB authorization issue vulnerabilities
CRMEB is an open-source Java e-commerce system developed by CRMEB. Versions of CRMEB 5.6.3 and earlier contained a vulnerability related to authorization issues. This vulnerability stemmed from incorrect handling of the parameter ‘uid’ in the component’s JSON Token Handler file,...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989933)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989933 advisory. In the Linux kernel, the following vulnerability has been resolved: io_uring: fix memory leak of uid in files registration. When there are no files for __io_sqe_files_scm t...
EUVD-2007-6174
Malware in sbrugna...
PT-2023-7043 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to the ovl_copy_up_one function in the fs/overlayfs/copy_up.c module of the Linux kernel's OverlayFS filesystem. It involves incorrect handling of st_uid and st_gi...
SUSE-SU-2019:0019-2 Security update for polkit
This update for polkit fixes the following issues: Security issue fixed: - CVE-2018-19788: Fixed handling of UIDs over MAX_UINT (bsc#1118277)...
OPENSUSE-SU-2019:0010-1 Security update for polkit
This update for polkit fixes the following issues: Security issue fixed: - CVE-2018-19788: Fixed handling of UIDs over MAX_UINT (bsc#1118277). This update was imported from the SUSE:SLE-15:Update update project...
SUSE-SU-2019:0015-1 Security update for polkit
This update for polkit fixes the following issues: Security issue fixed: - CVE-2018-19788: Fixed handling of UIDs over MAX_UINT (bsc#1118277)...
PYSEC-2011-17
Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving...
Solaris_x86_mail_exploit.txt
Greetings, A few weeks ago I posted regarding an overflow in /usr/bin/mail on Solaris 2.7. I incorrectly stated that mail drops privs before the overflow occurs. Cheez Whiz, who wrote the shellcode, saw my post on Packetstorm and supplied the following information: ...The problem with your presen...