The Siemens R3964 line discipline code in drivers/tty/n_r3964.c has a few races around its ioctl handler; for example, the handler for R3964_ENABLE_SIGNALS just allocates and deletes elements in a linked list with zero locking. This code is reachable by an unprivileged user if the line discipline is enabled in the kernel config; Ubuntu 18.04, for […]
Sony Smart TVs suffer from information disclosure and arbitrary file read vulnerabilities.
The hardened VirtualBox process on a Windows host does not secure its COM interface leading to arbitrary code injection and elevation of privilege.
In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path. This module will attempt to extract a payload […]
https://envocc.ddc.moph.go.th//xampp/lang.tmp notified by ATSIZ
Tags: defacementRARLAB WinRAR 5.61 – ACE Format Input Validation Remote Code Execution (Metasploit)
Tags: 0day, remote exploit