Lucene search
K

306 matches found

OpenVAS
OpenVAS
added 2020/04/30 12:0 a.m.62 views

Fedora: Security Advisory for pacman (FEDORA-2020-419a75aef6)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.6AI score0.03672EPSS
Exploits2References2
Fedora
Fedora
added 2020/04/25 2:27 a.m.36 views

[SECURITY] Fedora 32 Update: pacman-5.2.1-2.fc32

Pacman is the package manager used by the Arch distribution. It can be used to install Arch into a container or to recover an Arch installation from a Fedora system see arch-install-scripts package for instructions. Pacman is a frontend for the ALPM Arch Linux Package Management library Pacman do...

9.8CVSS2.7AI score0.03672EPSS
Exploits2
ArchLinux
ArchLinux
added 2020/04/16 12:0 a.m.30 views

[ASA-202004-15] chromium: arbitrary code execution

Arch Linux Security Advisory ASA-202004-15 ========================================== Severity: Critical Date : 2020-04-16 CVE-ID : CVE-2020-6457 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1134 Summary ======= The package chromium...

9.6CVSS2.2AI score0.01236EPSS
Exploits0References4
Fedora
Fedora
added 2020/04/09 6:19 p.m.55 views

[SECURITY] Fedora 31 Update: pacman-5.2.1-2.fc31

Pacman is the package manager used by the Arch distribution. It can be used to install Arch into a container or to recover an Arch installation from a Fedora system see arch-install-scripts package for instructions. Pacman is a frontend for the ALPM Arch Linux Package Management library Pacman do...

9.8CVSS2.7AI score0.03672EPSS
Exploits2
ArchLinux
ArchLinux
added 2020/04/09 12:0 a.m.39 views

[ASA-202004-11] libssh: denial of service

Arch Linux Security Advisory ASA-202004-11 ========================================== Severity: Medium Date : 2020-04-09 CVE-ID : CVE-2020-1730 Package : libssh Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1130 Summary ======= The package libssh before version...

5.3CVSS1.7AI score0.03065EPSS
Exploits0References5
ArchLinux
ArchLinux
added 2020/04/08 12:0 a.m.43 views

[ASA-202004-8] firefox: multiple issues

Arch Linux Security Advisory ASA-202004-8 ========================================= Severity: Critical Date : 2020-04-08 CVE-ID : CVE-2020-6821 CVE-2020-6823 CVE-2020-6824 CVE-2020-6825 CVE-2020-6826 Package : firefox Type : multiple issues Remote : Yes Link :...

9.8CVSS0.1AI score0.01905EPSS
Exploits0References17
ArchLinux
ArchLinux
added 2020/04/01 12:0 a.m.35 views

[ASA-202004-1] chromium: arbitrary code execution

Arch Linux Security Advisory ASA-202004-1 ========================================= Severity: High Date : 2020-04-01 CVE-ID : CVE-2020-6450 CVE-2020-6451 CVE-2020-6452 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1123 Summary ======= Th...

8.8CVSS1.5AI score0.01814EPSS
Exploits1References8
ArchLinux
ArchLinux
added 2020/04/01 12:0 a.m.41 views

[ASA-202004-3] linux-lts: privilege escalation

Arch Linux Security Advisory ASA-202004-3 ========================================= Severity: High Date : 2020-04-01 CVE-ID : CVE-2020-8835 Package : linux-lts Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1121 Summary ======= The package linux-lts before versi...

7.8CVSS3AI score0.0606EPSS
Exploits9References5
OSV
OSV
added 2020/03/31 6:15 p.m.4 views

ALPINE-CVE-2020-5291

Bubblewrap bwrap before version 0.4.1, if installed in setuid mode and the kernel supports unprivileged user namespaces, then the bwrap --userns2 option can be used to make the setuid process keep running as root while being traceable. This can in turn be used to gain root permissions. Note that...

7.8CVSS7AI score0.00907EPSS
Exploits0References1
OSV
OSV
added 2020/03/31 6:15 p.m.3 views

DEBIAN-CVE-2020-5291

Bubblewrap bwrap before version 0.4.1, if installed in setuid mode and the kernel supports unprivileged user namespaces, then the bwrap --userns2 option can be used to make the setuid process keep running as root while being traceable. This can in turn be used to gain root permissions. Note that...

7.8CVSS7.6AI score0.00907EPSS
Exploits0References1
Gitee
Gitee
added 2020/03/28 4:30 p.m.2 views

ptf

The Penetration Testers Framework PTF is a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. It is a modular framework that installs and updates various penetration testing tools, compiles them, and makes...

7.4AI score
Exploits0
ArchLinux
ArchLinux
added 2020/03/19 12:0 a.m.31 views

[ASA-202003-13] bluez: access restriction bypass

Arch Linux Security Advisory ASA-202003-13 ========================================== Severity: High Date : 2020-03-19 CVE-ID : CVE-2020-0556 Package : bluez Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-1116 Summary ======= The package bluez before versi...

7.1CVSS1.9AI score0.01033EPSS
Exploits0References9
ArchLinux
ArchLinux
added 2020/03/04 12:0 a.m.36 views

[ASA-202003-1] chromium: access restriction bypass

Arch Linux Security Advisory ASA-202003-1 ========================================= Severity: High Date : 2020-03-04 CVE-ID : CVE-2020-6420 Package : chromium Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-1107 Summary ======= The package chromium before...

8.8CVSS1.8AI score0.01294EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2020/01/09 12:0 a.m.28 views

[ASA-202001-2] file: arbitrary code execution

Arch Linux Security Advisory ASA-202001-2 ========================================= Severity: High Date : 2020-01-09 CVE-ID : CVE-2019-18218 Package : file Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-1083 Summary ======= The package file before version...

7.8CVSS3AI score0.0185EPSS
Exploits1References5
OSV
OSV
added 2019/12/18 4:15 p.m.4 views

DEBIAN-CVE-2019-19882

shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing...

7.8CVSS7.8AI score0.00495EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2019/12/18 4:15 p.m.12 views

CVE-2019-19882

shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing...

7.8CVSS7.1AI score0.00495EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/12/18 3:7 p.m.17 views

CVE-2019-19882

shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing...

7.5AI score0.00495EPSS
Exploits1References6
CVE
CVE
added 2019/12/18 3:7 p.m.74 views

CVE-2019-19882

CVE-2019-19882 affects Shadow 4.8 when built with --with-libpam but without --disable-account-tools-setuid and without a PAM config compatible with setuid tools, enabling local users to escalate to root via account-management utilities (groupadd, groupdel, groupmod, useradd, userdel, usermod). Th...

7.8CVSS7.5AI score0.00495EPSS
Exploits1References6Affected Software1
Kitploit
Kitploit
added 2019/11/05 12:0 p.m.1638 views

Trivy - A Simple And Comprehensive Vulnerability Scanner For Containers, Suitable For CI

A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI. Abstract Trivy tri pronounced like tri gger, vy pronounced like envy is a simple and comprehensive vulnerability scanner for containers. A software vulnerability is a glitch, flaw, or weakness present in the softwar...

3.7CVSS10AI score0.97356EPSS
Exploits39References20
ArchLinux
ArchLinux
added 2019/11/03 12:0 a.m.66 views

[ASA-201911-4] python2: information disclosure

Arch Linux Security Advisory ASA-201911-4 ========================================= Severity: High Date : 2019-11-03 CVE-ID : CVE-2019-9636 Package : python2 Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-978 Summary ======= The package python2 before version...

9.8CVSS0.6AI score0.08811EPSS
Exploits0References5
Rows per page
Query Builder