Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 4: snapd (TSSA-2025:0174)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0174 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

8.2CVSS7.8AI score0.00306EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/08/02 12:0 a.m.26 views

Ubuntu: Security Advisory (USN-6940-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS6.2AI score0.00306EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2024/08/01 6:35 a.m.365 views

USN-6940-1: snapd vulnerabilities

Neil McPhail discovered that snapd did not properly restrict writes to the $HOME/bin path in the AppArmor profile for snaps using the home plug. An attacker who could convince a user to install a malicious snap could use this vulnerability to escape the snap sandbox. CVE-2024-1724 Zeyad Gouda...

8.2CVSS7.6AI score0.00306EPSS
Exploits1
NVD
NVD
added 2024/07/25 7:15 p.m.49 views

CVE-2024-1724

In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to the users PATH. An attacker who could convince a user to install a malicious snap whic...

8.2CVSS0.00306EPSS
Exploits1References3
OSV
OSV
added 2024/07/25 7:5 p.m.31 views

CVE-2024-1724 snapd allows $HOME/bin symlink

In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to the users PATH. An attacker who could convince a user to install a malicious snap whic...

6.3CVSS7.3AI score0.00306EPSS
Exploits1References6
CVE
CVE
added 2024/07/25 7:5 p.m.89 views

CVE-2024-1724

CVE-2024-1724 affects snapd prior to 2.62, where AppArmor sandbox enforcement failed to restrict writes to $HOME/bin. In Ubuntu, this path is added to the user PATH when present, enabling a user-wurnished malicious snap using the home plug to drop scripts into PATH and potentially execute them ou...

8.2CVSS6.5AI score0.00306EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/07/01 12:0 a.m.2 views

UBUNTU-CVE-2024-1724

In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to the users PATH. An attacker who could convince a user to install a malicious snap whic...

8.2CVSS5.9AI score0.00306EPSS
Exploits1References6
Rows per page
Query Builder