A newly disclosed vulnerability in a Linux program can be exploited for local privilege escalation — and ultimately to acquire root privileges, researchers at cybersecurity vendor Qualys said today.

A missing check allows unprivileged attackers to escape containers and execute arbitrary commands in the kernel. To go along with the “Dirty Pipe” Linux security bug coming to light, two researchers ...

Two vulnerabilities in the way the Linux kernel handles the conversion of specific data types could allow a malicious user to turn a local, unprivileged user account into a superuser account with root ...

Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions. CISA ...

A seven-year-old local privilege escalation bug has reared its head and finally got a fix. When it was available, exploiting the vulnerability in the polkit authentication service could have allowed ...

Researchers found an easy-to-exploit vulnerability in Snap, a universal application packaging and distribution system developed for Ubuntu but available on multiple Linux distributions. The flaw ...

It seems that cybersecurity concerns are once again on the rise, as just this week, we reported on the surge in ransomware attacks. Now, researchers at Qualys have published a privilege escalation ...

The world woke up on Tuesday to two new vulnerabilities—one in Windows and the other in Linux—that allow hackers with a toehold in a vulnerable system to bypass OS security restrictions and access ...

Proof-of-concept exploits have already surfaced online for a high-severity flaw in GNU C Library's dynamic loader, allowing local attackers to gain root privileges on major Linux distributions. Apple ...

As Ars Technica reports, Linux kernel bug CVE-2016-5195 finally received an official patch this week. When successfully exploited, the vulnerability allows a hacker to escalate their privileges on the ...