4211 matches found
CVE-2021-44731
A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitra...
CVE-2021-44731
A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitra...
UBUNTU-CVE-2021-44731
A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitra...
Privilege Escalation
libexpat.so is vulnerable to privilege escalation. The vulnerability exists in the namespace-separator Character Handler in the xmlparse.c allowing an unauthorized user to access the system account...
PT-2022-1909 · Canonical +3 · Snapd +4
Name of the Vulnerable Software and Affected Versions: snapd versions 2.54.2 Description: The issue is related to a race condition in the snap-confine binary of the snapd utility, which can be exploited to gain root privileges by executing arbitrary code. This can be achieved by a local attacker...
Snapd 竞争条件问题漏洞
Snapd is an open source, cross-platform package management tool. snapd is vulnerable to a contention issue, which can be exploited by local attackers to gain root privileges and execute arbitrary code to gain privilege escalation by binding to mount their own content in snap's private mount...
CVE-2021-3557
A flaw was found in argocd. Any unprivileged user is able to deploy argocd in their namespace and with the created ServiceAccount argocd-argocd-server, the unprivileged user is able to read all resources of the cluster including all secrets which might enable privilege escalations. The highest...
CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
DEBIAN-CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
AZL-8604 CVE-2022-25236 affecting package expat for versions less than 2.4.8-1
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
ALPINE-CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
Design/Logic Flaw
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
EUVD-2022-29934
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
PT-2022-10470 · Argo Cd · Argo Cd
Name of the Vulnerable Software and Affected Versions: argocd affected versions not specified Description: A flaw was found in argocd, allowing any unprivileged user to deploy argocd in their namespace. With the created ServiceAccount argocd-argocd-server, the unprivileged user can read all...
Expat 输入验证错误漏洞
Expat is a fast streaming XML parser written in C. A security vulnerability existed prior to Expat 2.4.5, which could be exploited by attackers to insert namespace separators into namespace URIs...