Docker Sudo Privilege Escalation
Posted by deepcore under exploit (No Respond)
If a user has sudo permissions to /usr/bin/docker, it can be leveraged to escalated privileges to root.
Archive for January, 2018
Microsoft Edge Chakra Deferred Parsing
Posted by deepcore under exploit (No Respond)
Microsoft Egde Chakra deferred parsing makes wrong scopes.
Microsoft Edge Chakra JIT Stack-To-Heap Copy Bug
Posted by deepcore under exploit (No Respond)
Microsoft Edge Chakra JIT suffers from a stack-to-heap copy bug.
Microsoft Edge Chakra JIT Loop Analysis Bug
Posted by deepcore under exploit (No Respond)
Microsoft Edge Chakra JIT suffers from a loop analysis bug that can perform an out-of-bounds write.
Microsoft Edge Chakra AsmJSByteCodeGenerator::EmitCall Call Handling
Posted by deepcore under exploit (No Respond)
Microsoft Edge Chakra suffers from an AsmJSByteCodeGenerator::EmitCall call handling bug.
macOS 10.13 Kernel Memory Disclosure
Posted by deepcore under exploit (No Respond)
macOS version 10.13 suffers from a kernel memory disclosure due to lack of bounds checking in AppleIntelCapriController::getDisplayPipeCapability.
Smiths Medical Medfusion 4000 DHCP Denial Of Service
Posted by deepcore under exploit (No Respond)
Smiths Medical Medfusion 4000 suffers from a dhcp related denial of service vulnerability.
Oracle JDeveloper IDE Directory Traversal
Posted by deepcore under exploit (No Respond)
Oracle JDeveloper IDE suffers from a directory traversal vulnerability.
GitStack 2.3.10 Remote Code Execution
Posted by deepcore under exploit (No Respond)
GitStack version 2.3.10 suffers from an unauthenticated remote code execution vulnerability.
glibc getcwd() Local Privilege Escalation
Posted by deepcore under exploit (No Respond)
glibc suffers from a getcwd() local privilege escalation vulnerability.