60 matches found
Rancher vulnerable to Privilege Escalation via manipulation of Secrets
Impact A vulnerability has been identified which enables Standard users or above to elevate their permissions to Administrator in the local cluster. The local cluster means the cluster where Rancher is installed. It is named local inside the list of clusters in the Rancher UI. Standard users coul...
Rancher Labs Rancher 安全漏洞
Rancher Labs Rancher is an open source enterprise container management platform from Rancher Labs, Inc. in the United States. A security vulnerability exists in Rancher Labs Rancher versions 2.6.0 through 2.6.13 and 2.7.0 through 2.7.4, which stems from improper privilege management in SUSE Ranch...
PT-2023-3760 · Suse · Suse Rancher
Name of the Vulnerable Software and Affected Versions: SUSE Rancher versions 2.6.0 through 2.6.12 SUSE Rancher versions 2.7.0 through 2.7.3 Description: The issue is related to improper privilege management in SUSE Rancher, allowing standard users to manipulate Kubernetes secrets in the local...
Builder XtremeRAT 3.7 MVID-2022-0623 Insecure Permissions
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/7f314e798c150aedd9ce41ed39318f65.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Builder XtremeRAT v3.7 Vulnerability: Insecure Permissions Description: The malware builds...
Trojan-Banker.Win32.Banker.agzg MVID-2022-0608 Insecure Permissions
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/ef1e59148c9a902ae5454760aaab73fe.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Banker.Win32.Banker.agzg Vulnerability: Insecure Permissions Description: The malwa...
Trojan-Downloader.Win32.Agent Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/fb3ac3c9d808de7f4b5ede68715f658f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Downloader.Win32.Agent Vulnerability: Insecure Permissions Description: The malware writes a ...
Backdoor.Win32.Bifrose.uw Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9e4f942c60044feef0fb48538ffac383.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Bifrose.uw Vulnerability: Insecure Permissions Description: The malware writes a ".EX...
CosaNostra Builder Insecure Permissions Vulnerability
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/61285c988de52b7c067fb2e703f2ab83.txt Contact: email protected Media: twitter.com/malvuln Threat: CosaNostra Builder Vulnerability: Insecure Permissions Description: The malware creates PE files with...
Ransomware Builder Babuk Insecure Permissions Vulnerability
Ransomware Builder Babuk malware suffers from an insecure permissions vulnerability. Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/5dfa998f62612e10d5d28d26948dd50f.txt Contact: email protected Media: twitter.com/malvuln Threat: Ransomware Builder...
Backdoor.Win32.Mechbot.a Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/8c9e7906d0ad5d0f2267be0057f2a8e3.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Mechbot.a Vulnerability: Insecure Permissions Description: The malware creates a dir...
Backdoor.Win32.Vernet.axt Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/f529d60abbdafccce3dc5e5ffd6cdfa6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Vernet.axt Vulnerability: Insecure Permissions Description: The malware writes an .EX...
Email-Worm.Win32.Deltad Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/33f1dc8cf5987751ac0f063601f1c324.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Deltad Vulnerability: Insecure Permissions Description: The malware writes an .EXE...
Backdoor.Win32.VB.afu Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c6ba7fcb9eb9bdd7e081e2e84e784dcb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.VB.afu Vulnerability: Insecure Permissions Description: The malware writes an .EXE wi...
Trojan.Win32.Phires.zm Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/34fb086a88f3a2506b61a17cced3b476.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Phires.zm Vulnerability: Insecure Permissions Description: The malware creates an dir...
Trojan-Spy.Win32.Ardamax.ocx Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/78a39875a0adb110cf3c7de3a0d1384c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.Ardamax.ocx Vulnerability: Insecure Permissions Description: The malware creates an...
Virus.Win32.Renamer.a Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/001fc372acc853aa1cf92588a43a7deb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Virus.Win32.Renamer.a Vulnerability: Insecure Permissions Description: The malware creates an dir wi...
Improper access control
Broken access control for user creation in Pydio Cells 2.2.9 allows remote anonymous users to create standard users via the profile parameter. In addition, such users can be granted several admin permissions via the Roles parameter...
CVE-2021-41325
CVE-2021-41325 affects Pydio Cells 2.2.9. It has broken access control allowing remote anonymous users to create standard accounts via the profile parameter, and can grant admin permissions via the Roles parameter. This enables unauthorized account creation and potential privilege elevation. Reme...
Backdoor.Win32.Nyara.aq Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/dec17541412bbc744b9f458862349e34.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Nyara.aq Vulnerability: Insecure Permissions Description: The malware creates a dir...
CVE-2021-37366
CTparental before 4.45.03 is vulnerable to cross-site request forgery CSRF in the CTparental admin panel. By combining CSRF with XSS, an attacker can trick the administrator into clicking a link that cancels the filtering for all standard users...