The Container Manager Service does not configure STORVSP correctly when opening mapped named pipes leading to privilege escalation.
a5a7b8a6d4d3bd869fe815693a71e3b3b160d9b0acd588ad9dce491050248edb
This Metasploit module exploits a Perl injection vulnerability in the DjVu ANT parsing code of ExifTool versions 7.44 through 12.23 inclusive. The injection is used to execute a shell command using Perl backticks. The DjVu image can be embedded in a wrapper image using the HasselbladExif EXIF field.
6faaab2f2450fabd11bd922db38c56424cff69369eb7b6d4c402f570e3a96b13
The Container Manager Service creates an AppContainer process without impersonating the access token leading to privilege escalation.
08b62d49ff9505e1affc60bfb3367e9f2636ae2e993c5a51f8abbccdae306e0f
The Container Manager Service does not impersonate the caller when granting access to virtual disk images leading to privilege escalation.
879e3f4ead07a6f0c0ca5da047994fe7b3ffb02391288f7bf38a0d4568aaee88
The Container Manager Service accepts an access token provided by the user without verification allowing an arbitrary process to be created with another user identity leading to privilege escalation.
66a7b4179cd5c55e74f86503906a67a0fa110323561936f3ee59ec7929362af3
Backdoor.Win32.Delf.zho malware suffers from bypass and code execution vulnerabilities.
9f8eb9e0c65e12517c66e94696388fbe7736219740a7b25e3dd554f79dbbf15c
Red Hat Security Advisory 2021-1547-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.115 and .NET Core Runtime 3.1.15. Issues addressed include a privilege escalation vulnerability.
87f6a7156fd56c8b68fc56a44203edb1b4f2f3f7fc05c5c6eff9ff29c2e8016d
Red Hat Security Advisory 2021-1546-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.203 and .NET Runtime 5.0.6. Issues addressed include a privilege escalation vulnerability.
475dc2f9f672ee6ada56f5c8160bf925dbb9935918ba4e7a65e8749e9398a11e
Ubuntu Security Notice 4951-1 - Anton Lydike discovered that Flatpak did not properly handle special tokens in desktop files. An attacker could use this to specially craft a Flatpak application that could escape sandbox confinement.
0a23b56d1081ab2204a99d50c0d34c135491bf42cf34c1c9d5130145a1870e60
Ubuntu Security Notice 4949-1 - Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service or execute arbitrary code. Manfred Paul discovered that the eBPF implementation in the Linux kernel did not properly track bounds on bitwise operations. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
76d964fe9c27085f6742f1876c549a9562042eb085a4203978ffafc9d5a92ddc
Ubuntu Security Notice 4948-1 - Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service or execute arbitrary code. Manfred Paul discovered that the eBPF implementation in the Linux kernel did not properly track bounds on bitwise operations. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
957eb73e74d19d4c62c7116de0b476cf551491d297e087fb9602eff91b7ee985
Ubuntu Security Notice 4950-1 - Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service or execute arbitrary code. Manfred Paul discovered that the eBPF implementation in the Linux kernel did not properly track bounds on bitwise operations. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
f703c719697ff87020df10163da73587499d3cda884cdd896c4cff9f26e9dda3
Red Hat Security Advisory 2021-1544-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
d7e7b432ecf9d20c8ff9eabd7574cc975e16cc4417c0e83bdb4d9c66a7952f47
Red Hat Security Advisory 2021-1540-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a bypass vulnerability.
f83109078c832d4f6f26087264a3cf0bf39c4bda7cf213a25d62f51bf0b6edaa
Chevereto version 3.17.1 suffers from a persistent cross site scripting vulnerability.
cc636e3b5c72172eafa06b92135a8fbc456e816bb5150f9e522280988c878f59
Red Hat Security Advisory 2021-1538-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a bypass vulnerability.
e182ffcdeb1e085f9bf35f024dced52ec6a0badf0f3d85dd52eb8c2e896d20d1
Ubuntu Security Notice 4947-1 - Kiyin discovered that the x25 implementation in the Linux kernel contained overflows when handling addresses from user space. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the fastrpc driver in the Linux kernel did not prevent user space applications from sending kernel RPC messages. A local attacker could possibly use this to gain elevated privileges. Various other issues were also addressed.
0f3c9901fe7cb2bad1e41c261c51e0aa55d62c3d6c70d8302e4c8c01946ccb92
Ubuntu Security Notice 4946-1 - It was discovered that the DRM subsystem in the Linux kernel contained double-free vulnerabilities. A privileged attacker could possibly use this to cause a denial of service or possibly execute arbitrary code. Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan H. Schoenherr discovered that the Xen paravirtualization backend in the Linux kernel did not properly propagate errors to frontend drivers in some situations. An attacker in a guest VM could possibly use this to cause a denial of service. Various other issues were also addressed.
9dc6b159df273d7bcc3668b236d471f14d62790286458313509fbc9eb23c7579
Ubuntu Security Notice 4945-1 - It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service. Jan Beulich discovered that the Xen netback backend in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service. Various other issues were also addressed.
5a76cc7c1c429c2a4eb7effc9105b11c6e36caf111681662c6bd8c168d7e4181
Android NFC suffers from a type confusion vulnerability in nfa_rw_sys_disable.
7a12df472496a0e739a7d1979be71fa941ec278836bae496a8bfd948c0899ca3
Odoo version 12.0.20190101 suffers from an unquoted service path vulnerability.
469df8497a4e7de028d861d23a77481ee88f1eec8fd644fb09ea4107b5e9674a