Lucene search
K

98 matches found

Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.10 views

PT-2026-3885

Name of the Vulnerable Software and Affected Versions openCryptoki versions 2.3.2 and above Description openCryptoki is a PKCS11 library used on Linux and AIX systems. Versions 2.3.2 and above are susceptible to symlink-following when operating in privileged contexts. A user belonging to the...

6.8CVSS5.8AI score0.00237EPSS
Exploits1References68
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001104)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001104 advisory. The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by...

7.8CVSS7AI score0.00923EPSS
Exploits2References9
EUVD
EUVD
added 2025/12/02 9:31 p.m.5 views

EUVD-2025-200300

A container privilege escalation flaw was found in certain CodeReady Workspaces images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a...

5.2CVSS6.8AI score0.00167EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/02 6:53 p.m.9 views

CVE-2025-57850 Codeready-ws: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain CodeReady Workspaces images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a...

6.4CVSS0.00167EPSS
Exploits0References2
CVE
CVE
added 2025/12/02 6:53 p.m.12 views

CVE-2025-57850

CVE-2025-57850 describes a container privilege escalation in CodeReady Workspaces images. The root cause is that the build process creates /etc/passwd with group-writable permissions, enabling a container user (even non-root) to leverage membership in the root group to modify /etc/passwd and add ...

6.4CVSS6.9AI score0.00167EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.4 views

PT-2025-48768

A container privilege escalation flaw was found in certain CodeReady Workspaces images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a...

5.2CVSS7.2AI score0.00167EPSS
Exploits0References3
OSV
OSV
added 2025/11/17 6:15 p.m.5 views

CVE-2025-34323

Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due to a combination of sudo misconfiguration and group-writable application directories. The 'www-data' user is a member of the 'nagios' group, which has write access to...

7.8CVSS5.9AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/23 8:10 p.m.8 views

CVE-2025-57848 Container-native-virtualization: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain Container-native Virtualization images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container,...

6.4CVSS6.9AI score0.00166EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/22 6:19 p.m.13 views

CVE-2025-58712 Amq: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain AMQ Broker images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root...

6.4CVSS0.00188EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.5 views

Red Hat AMQ Broker 安全漏洞

Red Hat AMQ Broker is a pure Java multi-protocol message broker from Red Hat, Inc. It is built on an efficient asynchronous core with fast native logging for message persistence and unshared state replication options for high availability. A security vulnerability exists in Red Hat AMQ Broker tha...

6.4CVSS6.6AI score0.00188EPSS
Exploits0References3
CVE
CVE
added 2025/09/30 2:37 p.m.19 views

CVE-2025-57852

A CVE is reported for KServe ModelMesh container images: a build-time /etc/passwd file created with group-writable permissions allows a non-root container user, if they are in the root group, to modify /etc/passwd and add a user with any UID (including 0), enabling full container root access. Thi...

6.4CVSS7AI score0.00147EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/09/30 12:0 a.m.4 views

Kaseya KServer 安全漏洞

Kaseya KServer is a central server node for a management system from Kaseya Corporation, USA. A security vulnerability exists in Kaseya KServer that stems from a container image build that creates a /etc/passwd file with group writable permissions, which could lead to elevated privileges...

6.4CVSS6.4AI score0.00147EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2016-2854

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a...

7.8CVSS6.7AI score0.0095EPSS
Exploits3References2
OSV
OSV
added 2025/08/07 9:31 p.m.5 views

GHSA-856V-8QM2-9WJV operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd

Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, usersetup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used...

5.2CVSS6.5AI score0.0022EPSS
Exploits0References29
ATTACKERKB
ATTACKERKB
added 2025/08/07 7:5 p.m.4 views

CVE-2025-7195

Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, usersetup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used...

6.4CVSS5.8AI score0.0022EPSS
Exploits0References28
SUSE CVE
SUSE CVE
added 2023/02/15 5:45 a.m.5 views

SUSE CVE-2012-3512

Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart plugin...

7.2CVSS7.5AI score0.0059EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:8 a.m.5 views

SUSE CVE-2016-1575

The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory...

7.8CVSS8.6AI score0.00923EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:5 a.m.8 views

SUSE CVE-2016-2854

The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory...

7.8CVSS6.8AI score0.0095EPSS
Exploits3References3
Cvelist
Cvelist
added 2022/10/06 5:14 p.m.26 views

CVE-2022-31252 permissions: chkstat does not check for group-writable parent directories or target files in safeOpen()

A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the...

4.4CVSS4.7AI score0.00139EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/09/02 12:0 a.m.3 views

CVE-2022-31252

A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the...

4.4CVSS5.8AI score0.00139EPSS
Exploits0References3
Rows per page
Query Builder