56 matches found
Privilege Chaining
Overview Affected versions of this package are vulnerable to Privilege Chaining via the project secret validation process. An attacker can escalate privileges and potentially gain control over seed clusters by bypassing the intended security restrictions. Remediation Upgrade...
Privilege Chaining
Overview Affected versions of this package are vulnerable to Privilege Chaining via the project secret validation process. An attacker can escalate privileges and potentially gain control over seed clusters by bypassing the intended security restrictions. Remediation Upgrade...
Privilege Chaining
Overview Affected versions of this package are vulnerable to Privilege Chaining via the project secret validation process. An attacker can escalate privileges and potentially gain control over seed clusters by bypassing the intended security restrictions. Remediation Upgrade...
Privilege Chaining
Overview Affected versions of this package are vulnerable to Privilege Chaining via the project secret validation process. An attacker can escalate privileges and potentially gain control over seed clusters by bypassing the intended security restrictions. Remediation Upgrade...
Privilege Chaining
Overview Affected versions of this package are vulnerable to Privilege Chaining via the handling of DNS secrets. An attacker can escalate privileges by supplying malicious Google credentials. Note: Upgrading to 1.23.6 will fix the vulnerability in most cases, but not when the extension...
CVE-2025-2903
CVE-2025-2903 concerns Google Cloud Platform OS Login, where an attacker who can create user accounts during VM deployment can SSH into a VM and gain command-line control of the OS. The consolidated evidence across Red Hat, NVD, and related feeds states that exploitation leads to access to data o...
CVE-2025-2903 Privilege Chaining in Delphix
An attacker with knowledge of creating user accounts during VM deployment on Google Cloud Platform GCP using the OS Login feature, can login via SSH gaining command-line control of the operating system. This allows an attacker to gain access to sensitive data stored on the VM, install malicious...
CVE-2025-2903 Privilege Chaining in Delphix
An attacker with knowledge of creating user accounts during VM deployment on Google Cloud Platform GCP using the OS Login feature, can login via SSH gaining command-line control of the operating system. This allows an attacker to gain access to sensitive data stored on the VM, install malicious...
Privilege Chaining
Overview Affected versions of this package are vulnerable to Privilege Chaining through the spec.template.container configuration in the EventSource and Sensor custom resources. An attacker can gain privileged access to the host system and cluster by injecting commands into a container template...
Privilege Chaining
Overview Affected versions of this package are vulnerable to Privilege Chaining through the spec.template.container configuration in the EventSource and Sensor custom resources. An attacker can gain privileged access to the host system and cluster by injecting commands into a container template...
Privilege Chaining
Overview Affected versions of this package are vulnerable to Privilege Chaining through the spec.template.container configuration in the EventSource and Sensor custom resources. An attacker can gain privileged access to the host system and cluster by injecting commands into a container template...
CVE-2024-47045
Privilege chaining issue exists in the installer of e-Tax softwarecommon program. If this vulnerability is exploited, a malicious DLL prepared by an attacker may be executed with higher privileges than the application privilege...
PT-2024-32370 · E-Tax · E-Tax
Name of the Vulnerable Software and Affected Versions: e-Tax software affected versions not specified Description: A privilege chaining issue exists in the installer of the e-Tax software, allowing a malicious DLL prepared by an attacker to be executed with higher privileges than the application...
CVE-2023-5839
Privilege Chaining in GitHub repository hestiacp/hestiacp prior to 1.8.9...
CVE-2023-5839 Privilege Chaining in hestiacp/hestiacp
Privilege Chaining in GitHub repository hestiacp/hestiacp prior to 1.8.9...
CVE-2023-5839
CVE-2023-5839 affects hestiacp/hestiacp prior to 1.8.9. Connected sources describe a local privilege escalation (privilege chaining) vulnerability exposed by PHP-FPM configuration: an attacker can leverage separate fpm listeners (admin vs www-data), access the admin Unix socket, and execute comma...
CVE-2023-5839 Privilege Chaining in hestiacp/hestiacp
Privilege Chaining in GitHub repository hestiacp/hestiacp prior to 1.8.9...
CVE-2023-5839 Privilege Chaining in hestiacp/hestiacp
Privilege Chaining in GitHub repository hestiacp/hestiacp prior to 1.8.9...
PT-2023-32371 · Hestiacp · Hestiacp
Name of the Vulnerable Software and Affected Versions: hestiacp/hestiacp versions prior to 1.8.9 Description: The issue concerns a privilege chaining problem. Recommendations: For versions prior to 1.8.9, update to version 1.8.9 or later to resolve the issue...
GHSA-86RF-38V8-9C4X privilege chaining in cockpit-hq/cockpit
Privilege Chaining in GitHub repository cockpit-hq/cockpit prior to 2.3.8...