CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6334 matches found

NVD•added 2021/07/20 12:15 a.m.•16 views

CVE-2021-32773

Racket is a general-purpose programming language and an ecosystem for language-oriented programming. In versions prior to 8.2, code evaluated using the Racket sandbox could cause system modules to incorrectly use attacker-created modules instead of their intended dependencies. This could allow...

7.5CVSS0.00869EPSS

Exploits0References2

OSV•added 2021/07/20 12:15 a.m.•14 views

CVE-2021-32773

7.5CVSS7AI score

Exploits0References2

Prion•added 2021/07/20 12:15 a.m.•13 views

Design/Logic Flaw

5CVSS7.6AI score0.00869EPSS

Exploits0References2Affected Software1

OSV•added 2021/07/20 12:15 a.m.•1 views

UBUNTU-CVE-2021-32773

7.5CVSS6AI score0.00869EPSS

Exploits0References4

ArchLinux•added 2021/07/20 12:0 a.m.•127 views

[ASA-202107-39] racket: sandbox escape

Arch Linux Security Advisory ASA-202107-39 ========================================== Severity: Medium Date : 2021-07-20 CVE-ID : CVE-2021-32773 Package : racket Type : sandbox escape Remote : Yes Link : https://security.archlinux.org/AVG-2175 Summary ======= The package racket before version 8.2...

7.5CVSS2.5AI score0.00869EPSS

Exploits0References4

CVE•added 2021/07/19 11:55 p.m.•79 views

CVE-2021-32773

CVE-2021-32773 affects the Racket sandbox prior to version 8.2. In those versions, code evaluated in the sandbox could cause system modules to erroneously use attacker-created modules instead of their intended dependencies, allowing attackers to control system functions and access restricted faci...

7.5CVSS6.8AI score0.00869EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/07/19 11:55 p.m.•21 views

CVE-2021-32773 Confused deputy attack in sandbox module resolution

6.1CVSS7.7AI score0.00869EPSS

Exploits0References2

Debian CVE•added 2021/07/19 11:55 p.m.•16 views

CVE-2021-32773

7.5CVSS7.6AI score0.00869EPSS

Exploits0

NVD•added 2021/07/19 9:15 p.m.•20 views

CVE-2021-32760

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access t...

6.8CVSS0.01608EPSS

Exploits2References5

OSV•added 2021/07/19 9:15 p.m.•0 views

DEBIAN-CVE-2021-32760

6.3CVSS6AI score0.01608EPSS

Exploits2References1

OSV•added 2021/07/19 9:15 p.m.•26 views

CVE-2021-32760

6.3CVSS6.6AI score

Exploits0References5

OSV•added 2021/07/19 7:0 p.m.•1 views

UBUNTU-CVE-2021-32760

6.3CVSS6.3AI score0.01608EPSS

Exploits2References5

UbuntuCve•added 2021/07/19 12:0 p.m.•32 views

CVE-2021-32760

6.8CVSS6.2AI score0.01608EPSS

Exploits2References4

CNNVD•added 2021/07/19 12:0 a.m.•3 views

Racket 安全漏洞

Racket is an open source general-purpose programming language and an ecosystem for language-oriented programming.An access control error vulnerability exists in Racket versions prior to 8.2, which stems from the fact that code evaluated using the Racket sandbox may cause system modules to...

7.5CVSS5.7AI score0.00869EPSS

Exploits0References3

AlpineLinux•added 2021/07/19 12:0 a.m.•53 views

CVE-2021-32760

6.8CVSS6.2AI score0.01608EPSS

Exploits2

Positive Technologies•added 2021/07/19 12:0 a.m.•10 views

PT-2021-3856 · Unknown +6 · Kubernetes Containerd +5

Name of the Vulnerable Software and Affected Versions: containerd versions prior to 1.4.8 and 1.5.4 Description: The issue is related to a bug in containerd that allows pulling and extracting a specially-crafted container image to result in Unix file permission changes for existing files in the...

9.3CVSS6.2AI score0.9857EPSS

Exploits43References127

OSV•added 2021/07/16 9:15 p.m.•3 views

CVE-2021-3453

Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage...

4.6CVSS5.8AI score0.00236EPSS

Exploits0References1

IBM Security Bulletins•added 2021/07/16 4:51 p.m.•18 views

Security Bulletin: IBM Security SOAR could allow a privileged user to import non-approved Python2 modules (CVE-2021-29780).

Summary It was possible for a privileged user to import non-approved Python2 modules to create a malicious script. Vulnerability Details CVEID: CVE-2021-29780 DESCRIPTION: IBM Resilient OnPrem could allow an authenticated user to perform actions that they should not have access to due to improper...

6.5CVSS1.3AI score0.00672EPSS

Exploits0

Microsoft CVE•added 2021/07/16 7:0 a.m.•4 views

kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG verification that a kernel module is signed for loading via init_module does not occur for a module.sig_enforce=1 command-line argument.

...

7.8CVSS6.4AI score0.00246EPSS

Exploits0

Gitee•added 2021/07/15 12:2 p.m.•4 views

vulhub

This repository is an offensive tool for vulnerability research and exploitation, specifically targeting various web applications and services. It contains a collection of exploits and tools for identifying and exploiting vulnerabilities in software and systems. The primary vulnerability targeted...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by