Lucene search

554 matches found

CVE
added 2023/07/05 12:0 a.m., 77 views

CVE-2023-27197

CVE-2023-27197 affects PAX A930 with PayDroid 7.1.1 Virgo V04.5.02 20220722. The flaw lets an attacker with shell access gain root by running a crafted binary that uses an exported function from a shared library. Affected component/root cause: exploited via a shared-library export; impact is root...

CVSS 6.7, AI score 6.6, EPSS 0.00215
Exploits: 0, References: 2, Affected Software: 1
Vulnrichment
added 2023/07/05 12:0 a.m., 13 views

CVE-2023-27199

PAX Technology A930 PayDroid 7.1.1 Virgo V04.5.02 20220722 allows attackers to compile a malicious shared library and use LD_PRELOAD to bypass authorization checks...

AI score 6.9, EPSS 0.00212
Exploits: 0, References: 2
Cvelist
added 2023/07/05 12:0 a.m., 15 views

CVE-2023-27197

PAX A930 device with PayDroid 7.1.1 Virgo V04.5.02 20220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...

AI score 6.8, EPSS 0.00215
Exploits: 0, References: 2
NVD
added 2023/05/04 2:15 a.m., 18 views

CVE-2022-47757

In imo.im 2022.11.1051, a path traversal vulnerability delivered via an unsanitized deeplink can force the application to write a file into the application's data directory. This may allow an attacker to save a shared library under a special directory which the app uses to dynamically load module...

CVSS 9.8, AI score 9.7, EPSS 0.00956
Exploits: 0, References: 1
Prion
added 2023/05/04 2:15 a.m., 13 views

Path traversal

In imo.im 2022.11.1051, a path traversal vulnerability delivered via an unsanitized deeplink can force the application to write a file into the application's data directory. This may allow an attacker to save a shared library under a special directory which the app uses to dynamically load module...

CVSS 7.5, AI score 9.6, EPSS 0.00956
Exploits: 0, References: 1, Affected Software: 1
0day.today
added 2023/04/08 12:0 a.m., 156 views

Google Chrome 109.0.5414.74 - Code Execution via missing lib file Vulnerability

Exploit Title: Google Chrome 109.0.5414.74 - Code Execution via missing lib file Ubuntu Product: Google Chrome Discovered by: Rafay Baloch and Muhammad Samak Version: 109.0.5414.74 Impact: Moderate Company: Cyber Citadel Website: https://www.cybercitadel.com Tested-on : Ubuntu 22.04.1 Description...

AI score 7.4
Exploits: 0
CISA KEV Catalog
added 2023/03/30 12:0 a.m., 34 views

Samba Remote Code Execution Vulnerability

Samba contains a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share and then cause the server to load and execute it...

CVSS 10, AI score 9.7, EPSS 0.99448
In wild, Exploits: 24
Packet Storm
added 2023/03/27 12:0 a.m., 188 views

Google Chrome 109.0.5414.74 Unsafe Library Load

Vulnerability: Google Chrome code execution via missing lib file Ubuntu Product: Google Chrome Discovered by: Rafay Baloch and Muhammad Samak Version: 109.0.5414.74 Impact: Moderate Company: Cyber Citadel Website: https://www.cybercitadel.com Tested-on : Ubuntu 22.04.1 Description Google chrome...

AI score 6.8
Exploits: 0
Fedora
added 2023/02/25 3:47 a.m., 25 views

[SECURITY] Fedora 37 Update: plasma-thunderbolt-5.27.1-1.fc37

Plasma System Settings module and a KDED module to handle authorization of Thunderbolt devices connected to the computer. There's also a shared library libkbolt that implements common interface between the modules and the system-wide bolt daemon, which does the actual hard work of talking to the...

AI score 1.9
Exploits: 0
F5 Networks
added 2023/02/21 6:55 p.m., 139 views

K13551136: Samba remote code execution vulnerability CVE-2017-7494

Security Advisory Description All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. CVE-2017-7494 Impact There is no impact; F5...

CVSS 10, AI score 9.1, EPSS 0.99448
Exploits: 24
SUSE CVE
added 2023/02/15 5:57 a.m., 7 views

SUSE CVE-2010-3369

The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, and other versions before 2.8.1, place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

CVSS 6.9, AI score 6.8, EPSS 0.00393
Exploits: 1, References: 5
SUSE CVE
added 2023/02/15 5:56 a.m., 2 views

SUSE CVE-2010-3689

soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

CVSS 6.9, AI score 7.1, EPSS 0.0065
Exploits: 0, References: 5
SUSE CVE
added 2023/02/15 5:56 a.m., 2 views

SUSE CVE-2010-3996

festivalserver in Centre for Speech Technology Research (CSTR) Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

CVSS 6.9, AI score 7.1, EPSS 0.00328
Exploits: 0, References: 5
OpenVAS
added 2022/09/15 12:0 a.m., 14 views

Fedora: Security Advisory for libapreq2 (FEDORA-2022-cf658a432f)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.5, AI score 7.6, EPSS 0.04712
Exploits: 0, References: 2
Fedora
added 2022/09/13 1:31 a.m., 35 views

[SECURITY] Fedora 35 Update: libapreq2-2.17-1.fc35

libapreq is a shared library with associated modules for manipulating client request data via the Apache API. Functionality includes parsing of application/x-www-form-urlencoded and multipart/form-data content, as well as HTTP cookies...

CVSS 7.5, AI score 2, EPSS 0.04712
Exploits: 0
Fedora
added 2022/09/12 5:59 p.m., 36 views

[SECURITY] Fedora 37 Update: libapreq2-2.17-1.fc37

libapreq is a shared library with associated modules for manipulating client request data via the Apache API. Functionality includes parsing of application/x-www-form-urlencoded and multipart/form-data content, as well as HTTP cookies...

CVSS 7.5, AI score 2, EPSS 0.04712
Exploits: 0
Kitploit
added 2022/07/02 12:53 a.m., 25 views

Dlinject - Inject A Shared Library (I.E. Arbitrary Code) Into A Live Linux Process, Without Ptrace

Inject a shared library (i.e. arbitrary code) into a live Linux process, without ptrace. Inspired by Cexigua and linux-inject, among other things...

AI score 7.6
Exploits: 0, References: 3
OSSF Malicious Packages
added 2022/06/20 8:15 p.m., 3 views

Malicious code in shared-library-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc75dde7f09ece6b14dd7e91131013f1af31223f238d015382c497ea79107ccc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0, References: 1
OSV
added 2022/06/20 8:15 p.m., 5 views

MAL-2022-6079 Malicious code in shared-library-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc75dde7f09ece6b14dd7e91131013f1af31223f238d015382c497ea79107ccc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0, References: 1
Github Security Blog
added 2022/05/13 1:15 a.m., 36 views

Jenkins Groovy Plugin sandbox bypass vulnerability

Jenkins Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code elements. Both the pipeline validation REST APIs and actual script/pipeline execution are affected. This allowed users with...

CVSS 8.8, AI score 7.7, EPSS 0.86224
Exploits: 9, References: 11, Affected Software: 3