Lucene search
K

79 matches found

OSV
OSV
added 2025/04/15 7:57 p.m.21 views

CVE-2025-32438 Local privilege escalation in make-initrd-ng

make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled the default a local user is able to create a program that will be executed by root during shutdown. Patches exist for NixOS 24.11 a...

8.8CVSS7.8AI score0.00162EPSS
Exploits0References5
CVE
CVE
added 2025/04/15 7:57 p.m.56 views

CVE-2025-32438

CVE-2025-32438 affects make-initrd-ng used on NixOS. A local user can escalate privileges by exploiting shutdown behavior when systemd.shutdownRamfs.enable is on (default). A program created by a low-privilege user can be executed by root during system shutdown, enabling total impact on confident...

8.8CVSS8.8AI score0.00162EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/15 12:0 a.m.5 views

PT-2025-16395 · Nixos · Nixos

Name of the Vulnerable Software and Affected Versions: NixOS versions prior to 24.11 and 25.05 Description: The issue is a local privilege escalation affecting all NixOS users, where a local user can create a program to be executed by root during shutdown when systemd.shutdownRamfs.enable is...

8.8CVSS6.4AI score0.00162EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/02/05 12:43 p.m.13 views

CVE-2024-43378

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning to create a setup where the system was booted via legacy BIOS rather than UEFI; some disk partitio...

7.9CVSS6.4AI score0.00263EPSS
Exploits1References1
NVD
NVD
added 2024/08/27 9:15 p.m.41 views

CVE-2024-45049

Hydra is a Continuous Integration service for Nix based projects. It is possible to trigger evaluations in Hydra without any authentication. Depending on the size of evaluations, this can impact the availability of systems. The problem can be fixed by applying...

7.5CVSS0.00619EPSS
Exploits0References4
NVD
NVD
added 2024/08/16 2:15 a.m.38 views

CVE-2024-43378

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning to create a setup where the system was booted via legacy BIOS rather than UEFI; some disk partitio...

7.8CVSS0.00131EPSS
Exploits0References5
OSV
OSV
added 2024/08/15 11:53 p.m.4 views

CVE-2024-43378 calamares-nixos-extensions LUKS keyfile exposure regression on legacy BIOS systems

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning to create a setup where the system was booted via legacy BIOS rather than UEFI; some disk partitio...

7.8CVSS6.6AI score0.00131EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/08/15 11:53 p.m.14 views

CVE-2024-43378 calamares-nixos-extensions LUKS keyfile exposure regression on legacy BIOS systems

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning to create a setup where the system was booted via legacy BIOS rather than UEFI; some disk partitio...

7.8CVSS6.8AI score0.00131EPSS
Exploits0References5
CVE
CVE
added 2024/08/15 11:53 p.m.47 views

CVE-2024-43378

CVE-2024-43378 concerns calamares-nixos-extensions prior to version 0.3.17, where the installer’s legacy BIOS flow could leave the LUKS keyfile in plaintext in /crypto_keyfile.bin or in a CPIO archive attached to the NixOS initrd for partitions containing / or /boot. Red Hat and CVE records summa...

7.8CVSS7.3AI score0.00131EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/08/15 11:53 p.m.30 views

CVE-2024-43378 calamares-nixos-extensions LUKS keyfile exposure regression on legacy BIOS systems

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning to create a setup where the system was booted via legacy BIOS rather than UEFI; some disk partitio...

7.8CVSS0.00131EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/08/15 12:0 a.m.10 views

PT-2024-30540 · Unknown · Calamares-Nixos-Extensions

Name of the Vulnerable Software and Affected Versions: calamares-nixos-extensions versions prior to 0.3.17 Description: The issue affects users who installed NixOS through the graphical installer using manual disk partitioning, where the system boots via legacy BIOS, some disk partitions are...

7.8CVSS6.9AI score0.00131EPSS
Exploits0References11
NVD
NVD
added 2024/04/22 11:15 p.m.21 views

CVE-2024-32657

Hydra is a Continuous Integration service for Nix based projects. Attackers can execute arbitrary code in the browser context of Hydra and execute authenticated HTTP requests. The abused feature allows Nix builds to specify files that Hydra serves to clients. One use of this functionality is...

5.4CVSS5.1AI score0.00463EPSS
Exploits0References4
OSV
OSV
added 2024/04/22 10:24 p.m.25 views

CVE-2024-32657 Hydra has persistent XSS vulnerability serving HTML build outputs

Hydra is a Continuous Integration service for Nix based projects. Attackers can execute arbitrary code in the browser context of Hydra and execute authenticated HTTP requests. The abused feature allows Nix builds to specify files that Hydra serves to clients. One use of this functionality is...

4.6CVSS7.8AI score0.00463EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/04/22 10:24 p.m.13 views

CVE-2024-32657 Hydra has persistent XSS vulnerability serving HTML build outputs

Hydra is a Continuous Integration service for Nix based projects. Attackers can execute arbitrary code in the browser context of Hydra and execute authenticated HTTP requests. The abused feature allows Nix builds to specify files that Hydra serves to clients. One use of this functionality is...

4.6CVSS7.3AI score0.00463EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/04/22 10:24 p.m.17 views

CVE-2024-32657 Hydra has persistent XSS vulnerability serving HTML build outputs

Hydra is a Continuous Integration service for Nix based projects. Attackers can execute arbitrary code in the browser context of Hydra and execute authenticated HTTP requests. The abused feature allows Nix builds to specify files that Hydra serves to clients. One use of this functionality is...

4.6CVSS5.4AI score0.00463EPSS
Exploits0References4
CVE
CVE
added 2024/04/22 10:24 p.m.106 views

CVE-2024-32657

CVE-2024-32657 affects Hydra, the CI service for Nix-based projects. The vulnerability arises from a feature that lets Nix builds specify files served to clients, with HTML build artifacts being exploitable in the browser context and capable of triggering arbitrary code execution when viewed. Imp...

5.4CVSS7AI score0.00463EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2024/04/22 12:0 a.m.4 views

NixOS Hydra 安全漏洞

NixOS Hydra is a continuous integration service based on the Nix project. A security vulnerability exists in NixOS Hydra 8b4857959357862d3e25c9783c85c6fdf129741c and prior versions, which stems from the presence of a cross-site scripting XSS vulnerability. The vulnerability can be exploited by an...

5.4CVSS6.4AI score0.00463EPSS
Exploits0References5
NVD
NVD
added 2023/06/29 1:15 a.m.44 views

CVE-2023-36476

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted /boot, on either non-UEFI systems or with a LU...

7.9CVSS7.8AI score0.00263EPSS
Exploits1References3
Prion
Prion
added 2023/06/29 1:15 a.m.18 views

Code injection

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted /boot, on either non-UEFI systems or with a LU...

1.7CVSS5.5AI score0.00263EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2023/06/29 12:18 a.m.22 views

CVE-2023-36476 `calamares-nixos-extensions` LUKS keyfile exposure

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted /boot, on either non-UEFI systems or with a LU...

7.9CVSS5.4AI score0.00263EPSS
Exploits1References5
Rows per page
Query Builder