Lucene search
K

53 matches found

Cvelist
Cvelist
added 2022/06/30 4:50 p.m.19 views

CVE-2021-38941

IBM CloudPak for Multicloud Monitoring 2.0 and 2.3 has a few containers running in privileged mode which is vulnerable to host information leakage or destruction if unauthorized access to these containers could execute arbitrary commands. IBM X-Force ID: 211048...

5.3CVSS8AI score0.00854EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/29 2:5 p.m.36 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring runs containers with excessive permissions (CVE-2021-38941)

Summary IBM CloudPak for Multicloud Monitoring had a few containers running in priviliged mode which is vulnerable to host information leakage or destruction if unauthorized access to these containers could execute arbitrary commands. Now only containers requiring this permissions are running in...

8.1CVSS2.6AI score0.00854EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/04/15 12:0 a.m.118 views

Citrix Hypervisor <= 8.2 LTSR DoS (CTX306565)

The version of Citrix Hypervisor formerly Citrix XenServer running on the remote host is missing a security hotfix. It is, therefore, affected by denial of service vulnerabilities. - A local attacker with the ability to execute privileged mode code in a guest machine can perform a denial of servi...

7.8CVSS6.8AI score0.08026EPSS
Exploits0References4
Hacker One
Hacker One
added 2018/09/19 3:54 a.m.21 views

Valve: code injection, steam chat client

The steam chat client allows oEmbed, apparently based on a whitelist. One of the whitelisted oEmbedis codepen. When a codepen is created, it can be sent as a link to another steam user, and the code inside the codepen will execute within the privileged Steam Chat context. You can send these codep...

8.1AI score
Exploits0
Veracode
Veracode
added 2017/04/27 8:9 a.m.20 views

Information Disclosure

github.com/lxc/lxd is vulnerable to information disclosure. This is because it does not correctly set the permissions when switching an unprivileged container into privileged mode. This allows local users to access world readable paths in the container directory...

5.5CVSS4.9AI score0.00346EPSS
Exploits0References2Affected Software1
Ubuntu
Ubuntu
added 2016/05/31 6:10 p.m.63 views

USN-2988-1: LXD vulnerabilities

Robie Basak discovered that LXD incorrectly set permissions when setting up a loop based ZFS pool. A local attacker could use this issue to copy and read the data of any LXD container. CVE-2016-1581 Robie Basak discovered that LXD incorrectly set permissions when switching an unprivileged contain...

5.5CVSS5.6AI score0.00346EPSS
Exploits0
OSV
OSV
added 2016/05/31 6:0 p.m.3 views

UBUNTU-CVE-2016-1582

LXD before 2.0.2 does not properly set permissions when switching an unprivileged container into privileged mode, which allows local users to access arbitrary world readable paths in the container directory via unspecified vectors...

5.5CVSS6.1AI score0.00346EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2015/08/28 12:0 a.m.6 views

The vulnerability of the libpthread library allows a hacker to execute arbitrary code in a privileged context or cause a service denial.

The vulnerability of the libpthread library in iOS and Mac OS X operating systems arises due to buffer overflows. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in a privileged context, or to cause a service failure by using a specially crafted application that...

9.3CVSS7.9AI score0.02774EPSS
Exploits0References5Affected Software2
Nmap
Nmap
added 2012/05/01 2:21 p.m.1110 views

ip-forwarding NSE Script

Detects whether the remote device has ip forwarding or "Internet connection sharing" enabled, by sending an ICMP echo request to a given target using the scanned host as default gateway. The given target can be a routed or a LAN host and needs to be able to respond to ICMP requests ping in order...

10CVSS9.2AI score0.99448EPSS
Exploits33
Nmap
Nmap
added 2012/01/24 7:54 p.m.216 views

broadcast-dhcp6-discover NSE Script

Sends a DHCPv6 request Solicit to the DHCPv6 multicast address, parses the response, then extracts and prints the address along with any options returned by the server. The script requires Nmap to be run in privileged mode as it binds the socket to a privileged port udp/546. See also:...

10CVSS0.99448EPSS
Exploits33
Nmap
Nmap
added 2012/01/10 6:22 p.m.226 views

broadcast-pppoe-discover NSE Script

Discovers PPPoE Point-to-Point Protocol over Ethernet servers using the PPPoE Discovery protocol PPPoED. PPPoE is an ethernet based protocol so the script has to know what ethernet interface to use for discovery. If no interface is specified, requests are sent out on all available interfaces. As...

10CVSS0.99448EPSS
Exploits33
Nmap
Nmap
added 2011/11/04 9:17 p.m.571 views

rlogin-brute NSE Script

Performs brute force password auditing against the classic UNIX rlogin remote login service. This script must be run in privileged mode on UNIX because it must bind to a low source port number. Script Arguments rlogin-brute.timeout socket timeout for connecting to rlogin default 10s passdb,...

10CVSS9.2AI score0.99448EPSS
Exploits33
myhack58
myhack58
added 2009/12/06 12:0 a.m.16 views

Cisco switch password-cracking-vulnerability warning-the black bar safety net

Use the console cable is connected toswitch, through HyperTerminal or Secure CRT connection to switch; 2. Press and hold down the switch on the front panel MODE button, plug in the switch power supply; 3. About 4 0 seconds after the release of the Mod 1. Use the console cable is connected...

0.7AI score
Exploits0
Rows per page
Query Builder