Lucene search
K

300 matches found

GitLab Advisory Database
GitLab Advisory Database
added 2024/09/06 12:0 a.m.41 views

XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`

XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used to within a host where external...

8.6CVSS8.4AI score0.00975EPSS
Exploits0References7
GitLab Advisory Database
GitLab Advisory Database
added 2024/09/06 12:0 a.m.39 views

XXE vulnerability in XSLT transforms in `org.hl7.fhir.core`

XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used to within a host where external...

8.6CVSS8.4AI score0.00975EPSS
Exploits0References7
OSV
OSV
added 2024/08/20 8:26 p.m.33 views

GO-2023-1555 Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following resulting in deletion of files and directories on the host system in github.com/pterodactyl/wings

Pterodactyl Wings contains UNIX Symbolic Link Symlink Following resulting in deletion of files and directories on the host system in github.com/pterodactyl/wings...

9.6CVSS8.4AI score0.00956EPSS
Exploits0References4
Redos
Redos
added 2024/05/22 12:0 a.m.26 views

ROS-20240522-01

A vulnerability in the CRI-O container mechanism is related to the injection of an arbitrary property via the Pod annotation. systemd. Exploitation of the vulnerability could allow an attacker acting remotely to perform an an arbitrary action on the host system...

7.2CVSS7.1AI score0.01418EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/05/09 2:16 p.m.5 views

cri-o: Arbitrary command injection via pod annotation

A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an arbitrary action on the host system...

7.2CVSS7.3AI score0.01418EPSS
Exploits0References7
NVD
NVD
added 2024/05/08 4:15 a.m.7 views

CVE-2024-22264

VMware Avi Load Balancer contains a privilege escalation vulnerability. A malicious actor with admin privileges on VMware Avi Load Balancer can create, modify, execute and delete files as a root user on the host system...

7.2CVSS7.3AI score0.00549EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/08 3:57 a.m.14 views

CVE-2024-22264 VMware Avi Load Balancer updates address multiple vulnerabilities

VMware Avi Load Balancer contains a privilege escalation vulnerability. A malicious actor with admin privileges on VMware Avi Load Balancer can create, modify, execute and delete files as a root user on the host system...

7.2CVSS7.5AI score0.00549EPSS
Exploits0References1
CVE
CVE
added 2024/05/03 1:55 a.m.80 views

CVE-2023-27326

CVE-2023-27326 is a local privilege escalation in Parallels Desktop where the Toolgate component fails to validate a user-supplied path, enabling directory traversal and arbitrary code execution as the current host user. Exploitation requires prior high-privilege code execution on the guest syste...

8.2CVSS8.3AI score0.0126EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2024/04/30 9:39 a.m.38 views

CRI-O vulnerable to an arbitrary systemd property injection

Impact On CRI-O, it looks like an arbitrary systemd property can be injected via a Pod annotation: --- apiVersion: v1 kind: Pod metadata: name: poc-arbitrary-systemd-property-injection annotations: I believe that ExecStart with an arbitrary command works here too, but I haven't figured out how to...

7.2CVSS7.2AI score0.01418EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/04/30 12:0 a.m.29 views

SUSE SLES12 Security Update : docker (SUSE-SU-2024:1469-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1469-1 advisory. - CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts bsc1219267 - CVE-2024-23652: Fixed insufficient...

10CVSS7.2AI score0.02983EPSS
Exploits0References11
Veracode
Veracode
added 2024/04/29 4:10 a.m.30 views

Arbitrary Systemd Property Injection

github.com/cri-o/cri-o is vulnerable to Arbitrary Systemd Property Injection. The vulnerability is due to improper filtering of systemd property within a Pod annotation, allowing an attacker with the ability to create a pod with arbitrary annotations to perform unauthorized actions on the host...

7.2CVSS6.9AI score0.01418EPSS
Exploits0References12Affected Software1
OSV
OSV
added 2024/04/26 6:30 a.m.33 views

GHSA-C5PJ-MQFH-RVC3 Withdrawn: Runc allows an arbitrary systemd property to be injected

Withdrawn Advisory This advisory has been withdrawn because it was incorrectly attributed to runc. Please see the issue here for more information. Original Description A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a po...

7.2CVSS6.9AI score0.01418EPSS
Exploits0References12
Github Security Blog
Github Security Blog
added 2024/04/26 6:30 a.m.21 views

Withdrawn: Runc allows an arbitrary systemd property to be injected

Withdrawn Advisory This advisory has been withdrawn because it was incorrectly attributed to runc. Please see the issue here for more information. Original Description A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a po...

7.2CVSS7.1AI score0.01418EPSS
Exploits0References12Affected Software1
NVD
NVD
added 2024/04/26 4:15 a.m.23 views

CVE-2024-3154

A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an arbitrary action on the host system...

7.2CVSS7.2AI score0.01418EPSS
Exploits0References9
CVE
CVE
added 2024/04/26 3:12 a.m.407 views

CVE-2024-3154

CVE-2024-3154 affects cri-o. A flaw lets an arbitrary systemd property be injected via pod annotations, enabling an attacker who can create a pod with a crafted annotation to perform an arbitrary action on the host. The record does not specify exact vulnerable versions or a fixed patch version. P...

7.2CVSS6.7AI score0.01418EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2024/04/23 11:35 a.m.44 views

CVE-2024-3154

A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an arbitrary action on the host system...

7.2CVSS6.7AI score0.01418EPSS
Exploits0References6
Veracode
Veracode
added 2024/04/12 12:31 p.m.18 views

Command Injection

github.com/go-skynet/localai is vulnerable to command injection. The vulnerability is due to the lack of sanitization of user-supplied filenames before passing them to ffmpeg via a shell command in the audioToWav function, allowing attackers to execute arbitrary commands on the host system...

9.8CVSS8.3AI score0.02879EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/04/10 6:30 p.m.11 views

GHSA-WX43-G55G-2JF4 LocalAI Command Injection in audioToWav

A command injection vulnerability exists in the TranscriptEndpoint of mudler/localai, specifically within the audioToWav function used for converting audio files to WAV format for transcription. The vulnerability arises due to the lack of sanitization of user-supplied filenames before passing the...

9.8CVSS9.8AI score0.02879EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/04/10 5:8 p.m.34 views

CVE-2024-2029 Command Injection in mudler/localai

A command injection vulnerability exists in the TranscriptEndpoint of mudler/localai, specifically within the audioToWav function used for converting audio files to WAV format for transcription. The vulnerability arises due to the lack of sanitization of user-supplied filenames before passing the...

9.8CVSS10AI score0.02879EPSS
Exploits1References2
OSV
OSV
added 2024/04/10 5:8 p.m.20 views

CVE-2024-2029 Command Injection in mudler/localai

A command injection vulnerability exists in the TranscriptEndpoint of mudler/localai, specifically within the audioToWav function used for converting audio files to WAV format for transcription. The vulnerability arises due to the lack of sanitization of user-supplied filenames before passing the...

9.8CVSS6.2AI score0.02879EPSS
Exploits1References4
Rows per page
Query Builder