Lucene search
K

79 matches found

cvelist
cvelist
added 2022/12/25 12:0 a.m.39 views

CVE-2022-37706

enlightenmentsys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring...

7.8AI score0.05486EPSS
Exploits15References3
cve
cve
added 2022/12/25 12:0 a.m.684 views

CVE-2022-37706

CVE-2022-37706 is a local privilege-escalation in Enlightenment where enlightenment_sys is setuid root and mishandles pathnames starting with /dev/.., allowing a local user to gain root privileges. Affected: Enlightenment before 0.25.4 (enlightenment_sys binary). Root cause: insecure handling of ...

7.8CVSS7.4AI score0.05486EPSS
Exploits15References3Affected Software1
debiancve
debiancve
added 2022/12/25 12:0 a.m.75 views

CVE-2022-37706

enlightenmentsys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring...

7.8CVSS7.8AI score0.05486EPSS
Exploits15
nessus
nessus
added 2022/12/23 12:0 a.m.21 views

Fedora 36 : efl / enlightenment (2022-0cc77b384a)

The remote Fedora 36 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2022-0cc77b384a advisory. Update efl to 1.26.3, enlightenment to 0.25.4. Fixes CVE-2022-37706 Tenable has extracted the preceding description block directly from the Fedora...

7.8CVSS7.6AI score0.05486EPSS
Exploits15References2
nessus
nessus
added 2022/12/23 12:0 a.m.25 views

Fedora 35 : efl / enlightenment (2022-bafb72fdc0)

The remote Fedora 35 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2022-bafb72fdc0 advisory. Update efl to 1.26.3, enlightenment to 0.25.4. Fixes CVE-2022-37706 Tenable has extracted the preceding description block directly from the Fedora...

7.8CVSS7.6AI score0.05486EPSS
Exploits15References2
nessus
nessus
added 2022/10/20 12:0 a.m.26 views

openSUSE 15 Security Update : enlightenment (openSUSE-SU-2022:10153-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:10153-1 advisory. - enlightenmentsys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function...

7.8CVSS7.4AI score0.05486EPSS
Exploits15References4
opensuse
opensuse
added 2022/10/19 12:0 a.m.28 views

Security update for enlightenment (important)

openSUSE Security Update: Security update for enlightenment Announcement ID: openSUSE-SU-2022:10153-1 Rating: important References: 1203631 Cross-References: CVE-2022-37706 Affected Products: openSUSE Backports SLE-15-SP4 An update that fixes one vulnerability is now available. Description: This...

7.8CVSS7.8AI score0.05486EPSS
Exploits15References1
openvas
openvas
added 2022/10/10 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2022-0360)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.7AI score0.05486EPSS
Exploits15References5
osv
osv
added 2022/10/08 8:22 p.m.7 views

MGASA-2022-0360 Updated enlightenment packages fix security vulnerability

Updated enlightenment package to fix the security vulnerability, CVE-2022-37706 that would allow an user to gain root privileges...

7.8CVSS7.8AI score0.05486EPSS
Exploits15References4
mageia
mageia
added 2022/10/08 8:22 p.m.42 views

Updated enlightenment packages fix security vulnerability

Updated enlightenment package to fix the security vulnerability, CVE-2022-37706 that would allow an user to gain root privileges...

7.8CVSS3.5AI score0.05486EPSS
Exploits15References3
zdt
zdt
added 2022/10/06 12:0 a.m.683 views

Ubuntu 22.04.1 X64 Desktop Enlightenment 0.25.3-1 Privilege Escalation Exploit

This Metasploit module exploits a command injection within Enlightenment's enlightenmentsys binary. This is done by calling the mount command and feeding it paths which meet all of the system requirements, but execute a specific path as well due to a semi-colon being used. This module was tested ...

7.8CVSS8.2AI score0.05486EPSS
Exploits15
packetstorm
packetstorm
added 2022/10/05 12:0 a.m.396 views

Ubuntu 22.04.1 X64 Desktop Enlightenment 0.25.3-1 Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ubuntu Enlightenment Mount Priv Esc', 'Description' = %q This module exploits a command injection within Enlightenment's enlightenmentsys binary...

0.8AI score0.05486EPSS
Exploits15
openvas
openvas
added 2022/10/04 12:0 a.m.18 views

Fedora: Security Advisory for enlightenment (FEDORA-2022-0cc77b384a)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.6AI score0.05486EPSS
Exploits15References2
fedora
fedora
added 2022/10/03 1:13 a.m.27 views

[SECURITY] Fedora 36 Update: enlightenment-0.25.4-1.fc36

Enlightenment window manager is a lean, fast, modular and very extensible win dow manager for X11 and Linux. It is classed as a "desktop shell" providing the things you need to operate your desktop or laptop, but is not a whole ' application suite. This covered launching applications, managing...

7.8CVSS7.8AI score0.05486EPSS
Exploits15
fedora
fedora
added 2022/10/03 12:51 a.m.37 views

[SECURITY] Fedora 35 Update: enlightenment-0.25.4-1.fc35

Enlightenment window manager is a lean, fast, modular and very extensible win dow manager for X11 and Linux. It is classed as a "desktop shell" providing the things you need to operate your desktop or laptop, but is not a whole ' application suite. This covered launching applications, managing...

7.8CVSS7.8AI score0.05486EPSS
Exploits15
fedora
fedora
added 2022/10/03 12:21 a.m.32 views

[SECURITY] Fedora 37 Update: enlightenment-0.25.4-1.fc37

Enlightenment window manager is a lean, fast, modular and very extensible win dow manager for X11 and Linux. It is classed as a "desktop shell" providing the things you need to operate your desktop or laptop, but is not a whole ' application suite. This covered launching applications, managing...

7.8CVSS7.8AI score0.05486EPSS
Exploits15
bdu_fstec
bdu_fstec
added 2022/10/03 12:0 a.m.8 views

The vulnerability of the Enlightenment sysfile implementation of the Enlightenment window manager allows a perpetrator to escalate their privileges.

The vulnerability of the Enlightenment sysytem file for the Enlightenment window manager is related to incorrect code generation. Exploiting this vulnerability can allow an attacker to increase their privileges...

6.8CVSS7.3AI score0.05486EPSS
Exploits15References5Affected Software2
openvas
openvas
added 2022/10/03 12:0 a.m.17 views

Fedora: Security Advisory for enlightenment (FEDORA-2022-bafb72fdc0)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.6AI score0.05486EPSS
Exploits15References2
openvas
openvas
added 2022/10/03 12:0 a.m.14 views

Fedora: Security Advisory for enlightenment (FEDORA-2022-7090749bf4)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.6AI score0.05486EPSS
Exploits15References2
openvas
openvas
added 2022/09/24 12:0 a.m.19 views

Debian: Security Advisory (DSA-5233-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.6AI score0.05486EPSS
Exploits15References4
Rows per page
Query Builder