2 matches found
CVE-2019-6454
CVE-2019-6454 affects systemd’s bus_process_object() which allocates a large stack buffer for the object path in D-Bus messages. A locally unprivileged user can send a crafted message to PID1, causing the stack pointer to jump past guard pages and crash systemd PID1, potentially triggering a kern...
CVE-2021-23885
CVE-2021-23885 affects McAfee Web Gateway (MWG) prior to 9.2.8. The vulnerability is an elevation of privilege via the user interface: an authenticated user can exploit improper neutralization of user input on the troubleshooting page to gain elevated privileges and execute commands on the applia...