Lucene search
K

95 matches found

Veracode
Veracode
added 2019/07/30 2:42 a.m.32 views

Arbitrary Code Injection

github.com/docker/docker-ce is vulnerable to arbitrary code injection. The vulnerability exists because the nsswitch facility can dynamically load a library inside a chroot...

9.8CVSS3.4AI score0.18828EPSS
Exploits3References9Affected Software2
NVD
NVD
added 2019/07/29 6:15 p.m.30 views

CVE-2019-14271

In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...

9.8CVSS9.6AI score0.18828EPSS
Exploits3References6
OSV
OSV
added 2019/07/29 6:15 p.m.3 views

DEBIAN-CVE-2019-14271

In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...

9.8CVSS8.4AI score0.18828EPSS
Exploits3References1
UbuntuCve
UbuntuCve
added 2019/07/29 6:15 p.m.44 views

CVE-2019-14271

In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...

9.8CVSS7.2AI score0.18828EPSS
Exploits3References3
Cvelist
Cvelist
added 2019/07/29 5:5 p.m.45 views

CVE-2019-14271

In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...

9.5AI score0.18828EPSS
Exploits3References6
CVE
CVE
added 2019/07/29 5:5 p.m.212 views

CVE-2019-14271

CVE-2019-14271 affects Docker 19.03.x (before 19.03.1) where, when glibc is linked, code injection can occur as the nsswitch facility dynamically loads a library inside a chroot containing the container contents. This is a container-escape risk with network-attack vector observed in the descripti...

9.8CVSS9.3AI score0.18828EPSS
Exploits3References6Affected Software1
AlpineLinux
AlpineLinux
added 2019/07/29 5:5 p.m.94 views

CVE-2019-14271

In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...

9.8CVSS9.6AI score0.18828EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2017/05/01 12:0 a.m.35 views

EulerOS 2.0 SP1 : glibc (EulerOS-SA-2016-1073)

According to the version of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack overflow vulnerability was found in nssdnsgetnetbynamer.On systems with nsswitch configured to include 'networks: dns' with a privileged or...

7.5CVSS7.5AI score0.07629EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.29 views

openSUSE Security Update : samba (openSUSE-SU-2014:0405-1)

"Samba was updated to fix security issues and bugs : Security issues fixed : - Password lockout was not enforced for SAMR password changes, this allowed brute-force attacks on passwords. CVE-2013-4496; bnc849224. - The DCE-RPC fragment length field is incorrectly checked, which could expose samba...

8.3CVSS7.4AI score0.10642EPSS
Exploits1References16
RedHat Linux
RedHat Linux
added 2014/03/25 2:9 p.m.6 views

samba: pam_winbind fails open when non-existent group specified to require_membership_of

The winbindnamelisttosidstringlist function in nsswitch/pamwinbind.c in Samba through 4.1.2 handles invalid requiremembershipof group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by...

3.6CVSS7.2AI score0.0379EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2013/03/05 12:0 a.m.31 views

Fedora Update for nss-pam-ldapd FEDORA-2013-2754

Check for the Version of nss-pam-ldapd OpenVAS Vulnerability Test Fedora Update for nss-pam-ldapd FEDORA-2013-2754 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

6.8CVSS6.4AI score0.03582EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/03/05 12:0 a.m.21 views

RedHat Update for nss-pam-ldapd RHSA-2013:0590-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8CVSS6.5AI score0.03582EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2012/08/07 4:49 p.m.5 views

sudo: insecure temporary file use in RPM %postun script

A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux RHEL 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file...

5.6CVSS5.9AI score0.00435EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2012/08/07 12:0 a.m.1 views

PT-2012-4713 · Red Hat +1 · Red Hat +1

Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Linux RHEL 5 with sudo version 1.7.2 Description: The issue allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file. This is related to a certain Red Hat script...

5.6CVSS6.1AI score0.00435EPSS
Exploits1References6
Slackware Linux
Slackware Linux
added 2006/07/19 9:40 a.m.12 views

[slackware-security] Samba 2.0.23 repackaged

New Samba packages are available for Slackware 10.0, 10.1, 10.2, and -current. In Slackware 10.0, 10.1, and 10.2, Samba was evidently picking up the libdm.so.0 library causing a Samba package issued primarily as a security patch to suddenly require a library that would only be present on the...

7AI score
Exploits0
Rows per page
Query Builder