Lucene search
+L

190 matches found

cve
cve
added 2022/08/09 8:18 p.m.271 views

CVE-2022-30580

Technical details for CVE-2022-30580 are not publicly provided in the supplied documents. No affected products, impact, or fixes are specified here. Please consult primary sources or follow-up disclosures for confirmed technical details and remediation guidance.

7.8CVSS8AI score0.0059EPSS
Exploits0References5Affected Software1
debiancve
debiancve
added 2022/08/09 8:18 p.m.45 views

CVE-2022-30580

Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in the working directory named either "..com" or "..exe" by calling Cmd.Run, Cmd.Start, Cmd.Output, or Cmd.CombinedOutput when Cmd.Path is unset...

7.8CVSS6.8AI score0.0059EPSS
Exploits0
githubexploit
githubexploit
added 2022/08/04 4:19 p.m.1250 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Apache / 2.4.49 CVE-2021-41773 exploit by G...

7.5CVSS8.4AI score0.99992EPSS
Exploits151
veracode
veracode
added 2022/07/26 12:31 a.m.26 views

Injection Vulnerability

go has injection vulnerability. The vulnerability exists due to a lack of sanitization in Cmd.Start in os/exec allowing execution of any binaries in the working directory named either "..com" or "..exe" by calling Cmd.Run, Cmd.Start, Cmd.Output, or Cmd.CombinedOutput when Cmd.Path is unset...

7.8CVSS7.8AI score0.0059EPSS
Exploits0References6Affected Software1
prion
prion
added 2022/07/12 9:15 p.m.21 views

Design/Logic Flaw

Git for Windows is a fork of Git that contains Windows-specific patches. This vulnerability in versions prior to 2.37.1 lets Git for Windows' installer execute a binary into C:\mingw64\bin\git.exe by mistake. This only happens upon a fresh install, not when upgrading Git for Windows. A patch is...

4.4CVSS7.2AI score0.00394EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2022/07/12 8:35 p.m.6 views

CVE-2022-31012 Git for Windows' installer can be tricked into executing an untrusted binary

Git for Windows is a fork of Git that contains Windows-specific patches. This vulnerability in versions prior to 2.37.1 lets Git for Windows' installer execute a binary into C:\mingw64\bin\git.exe by mistake. This only happens upon a fresh install, not when upgrading Git for Windows. A patch is...

8.2CVSS8.2AI score0.00394EPSS
Exploits0References2
cvelist
cvelist
added 2022/07/12 8:35 p.m.41 views

CVE-2022-31012 Git for Windows' installer can be tricked into executing an untrusted binary

Git for Windows is a fork of Git that contains Windows-specific patches. This vulnerability in versions prior to 2.37.1 lets Git for Windows' installer execute a binary into C:\mingw64\bin\git.exe by mistake. This only happens upon a fresh install, not when upgrading Git for Windows. A patch is...

8.2CVSS8.4AI score0.00394EPSS
Exploits0References2
osv
osv
added 2022/02/18 1:7 a.m.13 views

USN-5292-2 snapd vulnerabilities

USN-5292-1 fixed vulnerabilities in snapd. This update provides the corresponding update for the riscv64 architecture. Original advisory details: James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to...

8.8CVSS7AI score0.00952EPSS
Exploits5References5
osv
osv
added 2022/02/16 7:15 p.m.26 views

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH...

7.8CVSS6.7AI score
Exploits0References5
nvd
nvd
added 2022/02/16 7:15 p.m.23 views

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH...

7.8CVSS0.00334EPSS
Exploits0References5
ubuntucve
ubuntucve
added 2022/02/16 7:15 p.m.67 views

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH...

7.8CVSS7.1AI score0.00334EPSS
Exploits0References7
osv
osv
added 2022/02/16 7:15 p.m.3 views

UBUNTU-CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH...

7.8CVSS7.1AI score0.00334EPSS
Exploits0References8
debiancve
debiancve
added 2022/02/16 6:48 p.m.54 views

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH...

7.8CVSS7.6AI score0.00334EPSS
Exploits0
cvelist
cvelist
added 2022/02/16 6:48 p.m.27 views

CVE-2022-25255

In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH...

7.7AI score0.00334EPSS
Exploits0References5
osv
osv
added 2022/02/15 1:57 a.m.31 views

GHSA-XJQR-G762-PXWP containernetworking/cni improper limitation of path name

An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the syste...

7.2CVSS7AI score0.01525EPSS
Exploits0References6
prion
prion
added 2022/02/01 12:15 p.m.17 views

Design/Logic Flaw

Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another button click. To the...

5.1CVSS8.9AI score0.0148EPSS
Exploits0References2Affected Software1
osv
osv
added 2021/12/17 9:15 a.m.18 views

CVE-2021-36779

A Missing Authentication for Critical Function vulnerability in SUSE Longhorn allows any workload in the cluster to execute any binary present in the image on the host without authentication. This issue affects: SUSE Longhorn longhorn versions prior to 1.1.3; longhorn versions prior to 1.2.3...

9.6CVSS9.4AI score0.00451EPSS
Exploits0References2
prion
prion
added 2021/12/17 9:15 a.m.21 views

Authentication flaw

A Missing Authentication for Critical Function vulnerability in SUSE Longhorn allows any workload in the cluster to execute any binary present in the image on the host without authentication. This issue affects: SUSE Longhorn longhorn versions prior to 1.1.3; longhorn versions prior to 1.2.3...

8.3CVSS9.2AI score0.00664EPSS
Exploits0References2Affected Software1
cnnvd
cnnvd
added 2021/12/17 12:0 a.m.7 views

Longhorn 访问控制错误漏洞

Longhorn is a cloud-native distributed storage system built on Kubernetes. Longhorn suffers from an Access Control Error vulnerability that stems from SUSE Longhorn allowing any workload in a cluster to execute any binary file in an image on the host without authentication...

9.6CVSS8.4AI score0.00664EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2021/12/17 12:0 a.m.12 views

PT-2021-21350 · Suse · Suse Longhorn

Name of the Vulnerable Software and Affected Versions: SUSE Longhorn versions prior to 1.1.3 SUSE Longhorn versions prior to 1.2.3 Description: A Missing Authentication for Critical Function issue in SUSE Longhorn allows any workload in the cluster to execute any binary present in the image on th...

9.6CVSS9.5AI score0.00664EPSS
Exploits0References6
Rows per page
Query Builder