[Forgot Password]
Login  Register Subscribe

24547

 
 

132804

 
 

129887

 
 

909

 
 

106711

 
 

152

 
 
Paid content will be excluded from the download.

Filter
Matches : 21 Download | Alert*

It was found that ghostscript could leak sensitive operators on the operand stack when a pseudo-operator pushes a subroutine. A specially crafted PostScript file could use this flaw to escape the -dSAFER protection in order to, for example, have access to the file system and execute commands.

It was found that libreoffice was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location.

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, ...

In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.

libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authenticate without any credentials.

CVE-2019-6111 openssh: Improper validation of object names allows malicious server to overwrite files via scp client

The host is installed with Linux kernel and is prone to a TCP session hijack vulnerability. A flaw is present in the application, which fails to handle a blind in-window attack. Successful exploitation allows man-in-the-middle attackers to hijack TCP sessions.

The host is installed with git 2.15.1 and earlier and is prone to an input validation error vulnerability. A flaw is present in the application, which fails to handle the terminal configuration to RCE. Successful exploitation could allow attackers to execute arbitrary commands for unverified messages.

The host is installed with kernel on Centos 7 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle a race condition in packet_set_ring leads. Successful exploitation could allow attackers to elevate their privileges on the system.

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.


Pages:      Start    1    2    ..   2

© SecPod Technologies