
46 matches found

Huntr
added 2023/09/05 6:19 a.m., 63 views

AppImage Vim loads libc.so.6 from pwd

Description: The AppImage distribution of vim loads libc.so.6 from the current directory of the user. An attacker with control of files in a directory where the user uses vim could execute arbitrary code. Proof of Concept: Proof of concept will use a malicious libc.so.6 generated with below patch ...

7.1 AI score
Exploits: 0

Kitploit
added 2022/04/16 9:30 p.m., 81 views

Kraken - A Multi-Platform Distributed Brute-Force Password Cracking System

Kraken is an online distributed brute force password cracking tool. It allows you to parallelize dictionaries and crunch word generator based cracking across multiple machines both as a web app in a web browser and as a standalone electron based client. Kraken aims to be easy to use, fault tolera...

7.6 AI score
Exploits: 0, References: 4

OPENSUSE Linux
added 2022/02/16 12:0 a.m., 36 views

Security update for firejail (important)

openSUSE Security Update: Security update for firejail. Announcement ID: openSUSE-SU-2022:0037-1. Rating: important. References: 1195880. Affected Products: openSUSE Backports SLE-15-SP3. An update that contains security fixes can now be installed. Description: This update for firejail fixes the...

7.4 AI score
Exploits: 0

ThreatPost
added 2021/06/23 11:58 a.m., 209 views

Unpatched Linux Marketplace Bugs Allow Wormable Attacks, Drive-By RCE

An unpatched stored cross-site scripting (XSS) security vulnerability affecting Linux marketplaces could allow unchecked, wormable supply-chain attacks, researchers have found. The bug was found to affect Pling-based markets by researchers at Positive Security, including AppImage Hub, Gnome-Look, K...

6.5 AI score
Exploits: 0, References: 11

NVD
added 2020/12/02 5:15 p.m., 13 views

CVE-2020-25266

AppImage appimaged before 1.0.3 does not properly check whether a downloaded file is a valid appimage. For example, it will accept a crafted mp3 file that contains an appimage, and install it...

5.5 CVSS, 5.5 AI score, 0.0034 EPSS
Exploits: 1, References: 1

OSV
added 2020/12/02 5:15 p.m., 3 views

CVE-2020-25266

AppImage appimaged before 1.0.3 does not properly check whether a downloaded file is a valid appimage. For example, it will accept a crafted mp3 file that contains an appimage, and install it...

5.5 CVSS, 6.4 AI score, 0.01919 EPSS
Exploits: 1, References: 1

OSV
added 2020/12/02 5:15 p.m., 2 views

DEBIAN-CVE-2020-25265

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components...

6.5 CVSS, 6 AI score, 0.01919 EPSS
Exploits: 1, References: 1

OSV
added 2020/12/02 5:15 p.m., 20 views

CVE-2020-25265

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components...

6.5 CVSS, 6.7 AI score, 0.01919 EPSS
Exploits: 1, References: 1

NVD
added 2020/12/02 5:15 p.m., 14 views

CVE-2020-25265

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components...

6.5 CVSS, 6.4 AI score, 0.01919 EPSS
Exploits: 1, References: 1

UbuntuCve
added 2020/12/02 5:15 p.m., 25 views

CVE-2020-25265

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components...

6.5 CVSS, 6.5 AI score, 0.01919 EPSS
Exploits: 1, References: 2

Prion
added 2020/12/02 5:15 p.m., 14 views

Design/Logic Flaw

AppImage appimaged before 1.0.3 does not properly check whether a downloaded file is a valid appimage. For example, it will accept a crafted mp3 file that contains an appimage, and install it...

4.3 CVSS, 5.5 AI score, 0.01919 EPSS
Exploits: 1, References: 1, Affected Software: 1

UbuntuCve
added 2020/12/02 5:15 p.m., 18 views

CVE-2020-25266

AppImage appimaged before 1.0.3 does not properly check whether a downloaded file is a valid appimage. For example, it will accept a crafted mp3 file that contains an appimage, and install it...

5.5 CVSS, 6.1 AI score, 0.0034 EPSS
Exploits: 1, References: 1

Prion
added 2020/12/02 5:15 p.m., 13 views

Path traversal

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components...

4.3 CVSS, 6.4 AI score, 0.01919 EPSS
Exploits: 1, References: 1, Affected Software: 1

OSV
added 2020/12/02 5:15 p.m., 2 views

UBUNTU-CVE-2020-25266

AppImage appimaged before 1.0.3 does not properly check whether a downloaded file is a valid appimage. For example, it will accept a crafted mp3 file that contains an appimage, and install it...

5.5 CVSS, 5.8 AI score, 0.0034 EPSS
Exploits: 1, References: 2

OSV
added 2020/12/02 5:15 p.m., 2 views

UBUNTU-CVE-2020-25265

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components...

6.5 CVSS, 5.8 AI score, 0.01919 EPSS
Exploits: 1, References: 3

CVE
added 2020/12/02 4:47 p.m., 51 views

CVE-2020-25266

Summary (CVE-2020-25266): The vulnerability affects AppImage's appimaged before version 1.0.3. The issue is that appimaged does not reliably validate that a downloaded file is a genuine AppImage; specifically, it can accept a crafted mp3 file that contains an AppI...

5.5 CVSS, 5.7 AI score, 0.0034 EPSS
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2020/12/02 4:47 p.m., 19 views

CVE-2020-25266

AppImage appimaged before 1.0.3 does not properly check whether a downloaded file is a valid appimage. For example, it will accept a crafted mp3 file that contains an appimage, and install it...

5.5 AI score, 0.0034 EPSS
Exploits: 1, References: 1

Debian CVE
added 2020/12/02 4:45 p.m., 23 views

CVE-2020-25265

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components...

6.5 CVSS, 6.4 AI score, 0.01919 EPSS
Exploits: 1

CVE
added 2020/12/02 4:45 p.m., 57 views

CVE-2020-25265

The CVE-2020-25265 entry concerns AppImage libappimage prior to 1.0.3. It describes a bug where an attacker can cause an overwrite of a system-installed .desktop file by supplying a crafted .desktop file that contains Name= with path components. The impact is described as enabling file overwrite,...

6.5 CVSS, 6.3 AI score, 0.01919 EPSS
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2020/12/02 4:45 p.m., 31 views

CVE-2020-25265

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components...

6.4 AI score, 0.01919 EPSS
Exploits: 1, References: 1