CVE-2017-7476

Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ environment variable. The error is in the saveabbr function in timerz.c...

CVE-2017-7476

Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ environment variable. The error is in the saveabbr function in timerz.c...

CVE-2017-7476

Gnulib before 2017-04-26 contains a heap-based buffer overflow in the save_abbr function in time_rz.c triggered by the TZ environment variable. This vulnerability can lead to arbitrary code execution or crash conditions, as described in multiple sources (e.g., CNVD-2017-06995; NVD CVE-2017-7476)....

CVE-2017-8086

Memory leak in the v9fslistxattr function in hw/9pfs/9p-xattr.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service memory consumption via vectors involving the origvalue variable...

CVE-2017-8086

Memory leak in the v9fslistxattr function in hw/9pfs/9p-xattr.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service memory consumption via vectors involving the origvalue variable...

EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1089)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Use-after-free vulnerability in the diskseqfstop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privilege...

Man-in-the-Middle (MitM)

github.com/kubernetes/kubernetes is vulnerable to man-in-the-middle. The library uses the environment variable over DNS variable rather than the real kubernetes API URL. This allows a malicious user to conduct a MitM attacks by passing their own DNS variable to listen in...

CVE-2017-8086

Memory leak in the v9fslistxattr function in hw/9pfs/9p-xattr.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service memory consumption via vectors involving the origvalue variable...

DEBIAN-CVE-2014-9680

sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access but not view file contents by running a program within an sudo session, as demonstrated by interfering with terminal output,...

Code injection

sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access but not view file contents by running a program within an sudo session, as demonstrated by interfering with terminal output,...

CVE-2014-9680

sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access but not view file contents by running a program within an sudo session, as demonstrated by interfering with terminal output,...

CVE-2014-9680

sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access but not view file contents by running a program within an sudo session, as demonstrated by interfering with terminal output,...

Oracle VM VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation

Oracle VM VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1091 This bug report describes two separate issues that, when combined, allow any user on a Linux host system on which VirtualB...

Remote code execution

An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0. User input is not properly filtered before being sent to a popen function. This allows for remote code execution by sending a specially crafted user variable...

Proxifier for Mac 2.18 - Multiple Vulnerabilities

Exploit for macOS platform in category local exploits Source: https://www.securify.nl/advisory/SFY20170401/multiplelocalprivilegeescalationvulnerabilitiesinproxifierformac.html Abstract Multiple local privileges escalation vulnerabilities were found in the KLoader binary that ships with Proxifier...

UBUNTU-CVE-2017-2669

Dovecot before version 2.2.29 is vulnerable to a denial of service. When 'dict' passdb and userdb were used for user authentication, the username sent by the IMAP/POP3 client was sent through varexpand to perform %variable expansion. Sending specially crafted %variable fields could result in...

CVE-2017-2669

Dovecot before version 2.2.29 is vulnerable to a denial of service. When 'dict' passdb and userdb were used for user authentication, the username sent by the IMAP/POP3 client was sent through varexpand to perform %variable expansion. Sending specially crafted %variable fields could result in...

CVE-2017-7192

WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because of incorrect management of the certValidated variable it can be set to true but cannot be set to false...

macOS Kernel 10.12.3 (16D32) - audit_pipe_open Off-by-One Memory Corruption Exploit

Exploit for macOS platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1126 MacOS kernel memory corruption due to off-by-one in auditpipeopen auditpipeopen is the special file open handler for the auditpipe device major number 10. Here's the code:...

UBUNTU-CVE-2016-10211

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted rule that is mishandled in the yrparserlookuploopvariable function...