Lucene search
+L

246 matches found

OSV
OSV
added 2021/05/04 1:30 p.m.4 views

UBUNTU-CVE-2020-28014

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The -oP option is available to the exim user, and allows a denial of service because root-owned files can be overwritten...

6.1CVSS7AI score0.0094EPSS
Exploits1References4
OSV
OSV
added 2021/05/04 1:30 p.m.5 views

UBUNTU-CVE-2021-27216

Exim 4 before 4.94.2 has Execution with Unnecessary Privileges. By leveraging a deletepidfile race condition, a local user can delete arbitrary files as root. This involves the -oP and -oPX options...

6.3CVSS7.2AI score0.00976EPSS
Exploits4References4
CNNVD
CNNVD
added 2021/05/04 12:0 a.m.7 views

Exim 权限许可和访问控制问题漏洞

Exim was developed at Cambridge University as a Message Transfer Agent MTA for Unix systems connected to the Internet. Exim suffers from an arbitrary file deletion vulnerability that can be exploited by a local attacker to delete arbitrary files as root via the deletepidfile contention condition...

7.8CVSS5.8AI score0.00976EPSS
Exploits4References7
OpenVAS
OpenVAS
added 2021/03/10 12:0 a.m.10 views

SYS.1.3.A5

Wenn zu installierende Software aus Quellcode kompiliert werden soll, DARF diese NUR unter einem unprivilegierten Benutzeraccount entpackt, konfiguriert und uebersetzt werden. Anschliessend DARF diezu installierende Software NICHT unkontrolliert in das Wurzeldateisystem des Servers installiert...

7.3AI score
Exploits0References1
Fedora
Fedora
added 2021/02/26 1:9 a.m.67 views

[SECURITY] Fedora 33 Update: buildah-1.19.6-2.fc33

The buildah package provides a command line tool which can be used to create a working container from scratch or create a working container from an image as a starting point mount/umount a working container's root file system for manipulation save container's root file system layer to create a ne...

7.2CVSS1.3AI score0.01525EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2021/01/27 4:15 p.m.32 views

CVE-2021-25311

condorcredd in HTCondor before 8.9.11 allows Directory Traversal outside the SECCREDENTIALDIRECTORYOAUTH directory, as demonstrated by creating a file under /etc that will later be executed by root...

9.9CVSS7.2AI score0.03164EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/01/20 12:0 a.m.7 views

Cisco SD-WAN products 缓冲区错误漏洞

The Cisco SD-WAN vEdge is a router from Cisco, Inc. that provides basic WAN and security and multi-cloud capabilities for Cisco SD-WAN solutions. This device provides basic WAN, security, and multi-cloud capabilities for Cisco SD-WAN solutions.Cisco SD-WAN vManage is software from Cisco that...

8.6CVSS7.2AI score0.01656EPSS
Exploits0References5
Cvelist
Cvelist
added 2020/12/23 3:12 p.m.39 views

CVE-2020-29552

An issue was discovered in URVE Build 24.03.2020. By using the internal/pc/vpro.php?mac=0&ip=0&operation=0&usr=0&pass=0%3bpowershell+-c+" substring, it is possible to execute a Powershell command and redirect its output to a file under the web root...

9.6AI score0.04818EPSS
Exploits2References4
OSV
OSV
added 2020/11/17 2:15 a.m.5 views

CVE-2020-15349

BinaryNights ForkLift 3.x before 3.4 has a local privilege escalation vulnerability because the privileged helper tool implements an XPC interface that allows file operations to any process copy, move, delete as root and changing permissions...

7.8CVSS5.8AI score0.00743EPSS
Exploits1References2
CNNVD
CNNVD
added 2020/11/16 12:0 a.m.6 views

Binarynights Forklift Security Breach

Binarynights Forklift is a file resource management software from the American company Binarynights. The software references the FINDER file manager and directly manages FTP/SFTP/WebDAV, Amazon S3, iDisk, BLUETOOH and other resources. A security vulnerability exists in BinaryNights ForkLift 3.x...

7.8CVSS7.1AI score0.00743EPSS
Exploits1References3
OSV
OSV
added 2020/09/24 12:0 a.m.44 views

UBUNTU-CVE-2020-15703

There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an...

4CVSS5.8AI score0.0048EPSS
Exploits1References4
OSV
OSV
added 2020/08/04 5:0 p.m.3 views

UBUNTU-CVE-2020-15704

The modprobe child process in the ./debian/patches/loadpppgenericifneeded patch file incorrectly handled module loading. A local non-root attacker could exploit the MODPROBEOPTIONS environment variable to read arbitrary root files. Fixed in 2.4.5-5ubuntu1.4, 2.4.5-5.1ubuntu2.3+esm2,...

5.5CVSS6.1AI score0.00364EPSS
Exploits0References4
CNVD
CNVD
added 2020/04/29 12:0 a.m.3 views

NETGEAR DGN2200 Operating System Command Injection Vulnerability

The NETGEAR DGN2200 is a wireless router from NETGEAR. A security vulnerability exists in the NETGEAR DGN2200v4 version prior to 2017-01-06. An attacker can exploit the vulnerability with specially crafted commands to install a backdoor in the router, modify Internet traffic and access files in t...

9CVSS7AI score0.02342EPSS
Exploits0References1
OSV
OSV
added 2020/02/07 3:15 p.m.7 views

CVE-2019-16155

A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to overwrite system files as root with arbitrary content through system backup file via specially crafted "BackupConfig" type IPC client requests to the fctsched process. Further more...

7.1CVSS5.9AI score0.00443EPSS
Exploits1References2
CNVD
CNVD
added 2019/11/28 12:0 a.m.5 views

F5 Unspecified Vulnerability in BIG-IP APM Clients

F5 BIG-IP APM and F5 BIG-IP APM Clients are both products of F5 Corporation of the U.S.A. F5 BIG-IP APM is an access and security solution. It provides unified access to business-critical applications and networks.F5 BIG-IP APM Clients is a suite of APM client software. A security vulnerability...

5.5CVSS6.8AI score0.00287EPSS
Exploits0References1
OSV
OSV
added 2019/11/27 10:15 p.m.8 views

CVE-2019-6668

The BIG-IP APM Edge Client for macOS bundled with BIG-IP APM 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.5, and 11.5.1-11.6.5 may allow unprivileged users to access files owned by root...

5.5CVSS6.1AI score0.00287EPSS
Exploits0References1
OSV
OSV
added 2019/10/29 3:27 p.m.3 views

OPENSUSE-SU-2019:2408-1 Security update for nfs-utils

This update for nfs-utils fixes the following issues: - CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs. bsc1150733 This update was imported from the SUSE:SLE-15:Update update project...

10CVSS9.4AI score0.01518EPSS
Exploits0References3
OSV
OSV
added 2019/08/23 5:15 p.m.7 views

CVE-2019-13013

Little Snitch versions 4.3.0 to 4.3.2 have a local privilege escalation vulnerability in their privileged helper tool. The privileged helper tool implements an XPC interface which is available to any process and allows directory listings and copying files as root...

5.5CVSS6.1AI score0.00303EPSS
Exploits0References1
OSV
OSV
added 2019/08/01 1:15 p.m.7 views

CVE-2018-20882

cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change SEC-447...

6.8CVSS5.9AI score0.00379EPSS
Exploits0References2
Fedora
Fedora
added 2019/07/18 8:33 p.m.21 views

[SECURITY] Fedora 29 Update: virt-bootstrap-1.1.1-1.fc29

Provides a way to create the root file system to use for libvirt containers...

7.8CVSS3.3AI score0.00568EPSS
Exploits1
Rows per page
Query Builder