CVE-2014-2905

fish aka fish-shell 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user permissions...

DEBIAN-CVE-2014-2905

fish aka fish-shell 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user permissions...

Design/Logic Flaw

fish aka fish-shell 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user permissions...

CVE-2014-2905

CVE-2014-2905 affects fish-shell (fish) versions prior to 2.1.1, where credentials are not properly checked over the universal variable socket (UNIX domain socket at /tmp/fishd.socket.user), enabling local privilege escalation. The root cause is improper validation of credentials when communicati...

CVE-2014-2905

fish aka fish-shell 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user permissions...

CVE-2014-2905

fish aka fish-shell 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user permissions...

CommonSpot < 7.0.2 / 8.0.3 / 9.0.0 Multiple Vulnerabilities

According to its version number, the CommonSpot install hosted on the remote web server is affected by multiple vulnerabilities : - An access restriction bypass via a direct request. CVE-2014-2859 - Multiple cross-site scripting XSS vulnerabilities. CVE-2014-2860, CVE-2014-2861 - Improper...

Localize: Uninitialized variable error message leaks information

An uninitialized variable $alert at line 630 in index.php shows an error message. This happens after a POST /pages/createproject. The error message does not appear in the browser because the user is redirected to the new project immediately, but it is there in the HTTP response see error.png. Thi...

OpenJDK: MethodHandle variable argument lists handling (Libraries, 8029844)

Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-2402...

CVE-2011-3628

Untrusted search path vulnerability in pammotd aka the MOTD module in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before 0.99.7.1-5ubuntu6.5 on Ubuntu 8.0...

DEBIAN-CVE-2011-3628

Untrusted search path vulnerability in pammotd aka the MOTD module in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before 0.99.7.1-5ubuntu6.5 on Ubuntu 8.0...

Design/Logic Flaw

Untrusted search path vulnerability in pammotd aka the MOTD module in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before 0.99.7.1-5ubuntu6.5 on Ubuntu 8.0...

Code injection

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to modify the flow of execution of ColdFusion code by using an HTTP GET request to set a ColdFusion variable...

CVE-2011-3628

Untrusted search path vulnerability in pammotd aka the MOTD module in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before 0.99.7.1-5ubuntu6.5 on Ubuntu 8.0...

dede getshell exp + temporary patch-vulnerability warning-the black bar safety net

dede good fire old cassock also to scrape together a lively. In fact getshell many methods do not always tangled how to insert mytag table such as near myad table is a good place to update a word did not say more not much to say directly to the getshell exp. getshell exp To change the password wh...

DSA-2894-1 openssh - security update

Bulletin has no description...

ibstat $PATH Privilege Escalation Exploit

Exploit for linux platform in category local exploits This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit4 "ibstat $PATH Privilege Escalation", "Description" = %q This module exploits the trusted $PATH...

Ubuntu Update for openssh USN-2155-1

Check for the Version of openssh OpenVAS Vulnerability Test $Id: gbubuntuUSN21551.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for openssh USN-2155-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software...

Ubuntu: Security Advisory (USN-2155-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

Untrusted search path vulnerability in the ChainsDD Superuser package 3.1.3 for Android 4.2.x and earlier, CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier, and Chainfire SuperSU package before 1.69 for Android 4.2.x and earlier allows attackers to load an...