The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
The Security Service of Cisco AnyConnect Posture (HostScan) for Windows incorrectly restricts access to internal IPC commands. This could enable low-privileged users to achieve NT AUTHORITY\SYSTEM privileges by sending crafted IPC commands.
This module bypasses CVE-2021-1366 by abusing a Time-of-check Time-of-use (TOCTOU) Race Condition in the priv_file_copy command.
This module bypasses CVE-2021-1366 by abusing a Time-of-check Time-of-use (TOCTOU) Race Condition in the priv_file_copy command.
An elevation of privilege vulnerability exists in Windows when the DirectComposition component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Hard-coded credentials for the diagnostics user can be used to authenticate in the UCMDB component.
Then a java deserialization vulnerability present in several endpoints of the UCMDB service can be used to execute OS commands.
Then a java deserialization vulnerability present in several endpoints of the UCMDB service can be used to execute OS commands.
A vulnerability in the admin web interface could allow an authenticated attacker to upload custom template to perform an arbitrary code execution.
An improvement in the heap feng shui in order to add more stability and support for more versions.
Apache Unomi allows conditions to use OGNL and MVEL scripting which offers the possibility to call static Java classes from the JDK that could execute code with the permission level of the running Java process.
This vulnerability is caused by xxxClientAllocWindowClassExtraBytes callback in win32kfull!xxxCreateWindowEx. The callback causes the setting of a kernel struct member and its corresponding flag to be out of sync.
This Update adds support for Windows 10 2004 and 20H2
This Update adds support for Windows 10 2004 and 20H2
Unauthenticated file upload vulnerability via uploadova plugin in VMware vCenter Server to upload and extract a TAR file.
The TAR file contains a path traversal that allows writing files at arbitraries locations.
The TAR file contains a path traversal that allows writing files at arbitraries locations.
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.