Mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid. This vulnerability requires user interaction to be successfully exploited.
This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in remote code execution. Rockwell Automation Connected Components Workbench v12.00.00 and prior does not limit the objects that can be deserialized. User interaction is required for this exploit to be successful. If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions of the Connected Components Workbench software.
This may allow an attacker to craft malicious files that, when opened by Rockwell Automation Connected Components Workbench v12.00.00 and prior, can traverse the file system. The parsing mechanism that processes certain file types does not provide input sanitization for file paths. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. 79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.Ī vulnerability has been identified in SPPA-T3000 Application Server (All versions 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown – back to 9.1.0, including Supported Preview Editions – are also believed to be affected but have not been tested as they are EOL. Out of bounds write in SQLite in Google Chrome prior to. There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19.
There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 1bpp data. There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data.
0 kommentar(er)
