10 matches found
PT-2024-21277
Name of the Vulnerable Software and Affected Versions Apache Superset versions prior to 3.0.4 Apache Superset versions 3.1.0 through 3.1.0 Description A low privilege authenticated user could import an existing dashboard or chart that they do not have access to and then modify its metadata, there...
CVE-2023-41914
SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files...
DEBIAN-CVE-2023-41914
SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files...
UBUNTU-CVE-2023-41914
SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files...
SUSE CVE-2023-41914
SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files...
Aurora DAO Denial of Service Vulnerability
Aurora DAO AURA is a decentralized trading system for Ether ECR-20 tokens. A security vulnerability exists in the Owned smart contract implementation in AURA. An attacker could exploit the vulnerability to gain ownership of the contract, causing a denial of service...
Pivotal Spring Boot Elevation of Privilege Vulnerability
Pivotal Spring Boot is the U.S. Pivotal Software, Inc. of a new framework used to simplify the initial setup of new Spring applications as well as the development process. A security vulnerability exists in Pivotal Spring Boot versions 1.5.0 through 1.5.9 and 2.0.0.M1 through 2.0.0.M7. An attacke...
CVE-2018-6954
systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. Th...
CRIU Privilege Acquisition Vulnerability
CRIU Checkpoint/Restore In Userspace is a set of Linux userspace userspace on the implementation of the checkpoint/restore function of the software to freeze and restore the execution of tools. The tool supports freezing or partially freezing the execution of an application and saving its executi...
Path traversal
The service daemon in CRIU creates log and dump files insecurely, which allows local users to create arbitrary files and take ownership of existing files via unspecified vectors related to a directory path...