Lucene search
K

60 matches found

github
github
added 2023/06/06 2:0 a.m.50 views

Rancher vulnerable to Privilege Escalation via manipulation of Secrets

Impact A vulnerability has been identified which enables Standard users or above to elevate their permissions to Administrator in the local cluster. The local cluster means the cluster where Rancher is installed. It is named local inside the list of clusters in the Rancher UI. Standard users coul...

9.9CVSS6.7AI score0.00715EPSS
Exploits0References6Affected Software1
cnnvd
cnnvd
added 2023/06/01 12:0 a.m.17 views

Rancher Labs Rancher 安全漏洞

Rancher Labs Rancher is an open source enterprise container management platform from Rancher Labs, Inc. in the United States. A security vulnerability exists in Rancher Labs Rancher versions 2.6.0 through 2.6.13 and 2.7.0 through 2.7.4, which stems from improper privilege management in SUSE Ranch...

9.9CVSS8.1AI score0.00715EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2023/04/17 12:0 a.m.11 views

PT-2023-3760 · Suse · Suse Rancher

Name of the Vulnerable Software and Affected Versions: SUSE Rancher versions 2.6.0 through 2.6.12 SUSE Rancher versions 2.7.0 through 2.7.3 Description: The issue is related to improper privilege management in SUSE Rancher, allowing standard users to manipulate Kubernetes secrets in the local...

9.9CVSS7AI score0.00715EPSS
Exploits0References13
packetstorm
packetstorm
added 2022/07/18 12:0 a.m.269 views

Builder XtremeRAT 3.7 MVID-2022-0623 Insecure Permissions

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/7f314e798c150aedd9ce41ed39318f65.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Builder XtremeRAT v3.7 Vulnerability: Insecure Permissions Description: The malware builds...

0.1AI score
Exploits0
packetstorm
packetstorm
added 2022/06/07 12:0 a.m.230 views

Trojan-Banker.Win32.Banker.agzg MVID-2022-0608 Insecure Permissions

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/ef1e59148c9a902ae5454760aaab73fe.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Banker.Win32.Banker.agzg Vulnerability: Insecure Permissions Description: The malwa...

7.4AI score
Exploits0
packetstorm
packetstorm
added 2022/04/27 12:0 a.m.252 views

Trojan-Downloader.Win32.Agent Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/fb3ac3c9d808de7f4b5ede68715f658f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Downloader.Win32.Agent Vulnerability: Insecure Permissions Description: The malware writes a ...

7.4AI score
Exploits0
packetstorm
packetstorm
added 2022/04/07 12:0 a.m.249 views

Backdoor.Win32.Bifrose.uw Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9e4f942c60044feef0fb48538ffac383.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Bifrose.uw Vulnerability: Insecure Permissions Description: The malware writes a ".EX...

7.4AI score
Exploits0
zdt
zdt
added 2022/01/25 12:0 a.m.220 views

CosaNostra Builder Insecure Permissions Vulnerability

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/61285c988de52b7c067fb2e703f2ab83.txt Contact: email protected Media: twitter.com/malvuln Threat: CosaNostra Builder Vulnerability: Insecure Permissions Description: The malware creates PE files with...

7.4AI score
Exploits0
zdt
zdt
added 2022/01/20 12:0 a.m.296 views

Ransomware Builder Babuk Insecure Permissions Vulnerability

Ransomware Builder Babuk malware suffers from an insecure permissions vulnerability. Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/5dfa998f62612e10d5d28d26948dd50f.txt Contact: email protected Media: twitter.com/malvuln Threat: Ransomware Builder...

Exploits0
packetstorm
packetstorm
added 2021/12/13 12:0 a.m.153 views

Backdoor.Win32.Mechbot.a Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/8c9e7906d0ad5d0f2267be0057f2a8e3.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Mechbot.a Vulnerability: Insecure Permissions Description: The malware creates a dir...

7.4AI score
Exploits0
packetstorm
packetstorm
added 2021/12/03 12:0 a.m.430 views

Backdoor.Win32.Vernet.axt Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/f529d60abbdafccce3dc5e5ffd6cdfa6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Vernet.axt Vulnerability: Insecure Permissions Description: The malware writes an .EX...

7.4AI score
Exploits0
packetstorm
packetstorm
added 2021/11/27 12:0 a.m.642 views

Email-Worm.Win32.Deltad Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/33f1dc8cf5987751ac0f063601f1c324.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Deltad Vulnerability: Insecure Permissions Description: The malware writes an .EXE...

7.1AI score
Exploits0
packetstorm
packetstorm
added 2021/11/08 12:0 a.m.383 views

Backdoor.Win32.VB.afu Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c6ba7fcb9eb9bdd7e081e2e84e784dcb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.VB.afu Vulnerability: Insecure Permissions Description: The malware writes an .EXE wi...

7.1AI score
Exploits0
packetstorm
packetstorm
added 2021/11/01 12:0 a.m.355 views

Trojan.Win32.Phires.zm Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/34fb086a88f3a2506b61a17cced3b476.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Phires.zm Vulnerability: Insecure Permissions Description: The malware creates an dir...

7.4AI score
Exploits0
packetstorm
packetstorm
added 2021/10/16 12:0 a.m.185 views

Trojan-Spy.Win32.Ardamax.ocx Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/78a39875a0adb110cf3c7de3a0d1384c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.Ardamax.ocx Vulnerability: Insecure Permissions Description: The malware creates an...

7.4AI score
Exploits0
packetstorm
packetstorm
added 2021/10/05 12:0 a.m.263 views

Virus.Win32.Renamer.a Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/001fc372acc853aa1cf92588a43a7deb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Virus.Win32.Renamer.a Vulnerability: Insecure Permissions Description: The malware creates an dir wi...

7.4AI score
Exploits0
prion
prion
added 2021/09/30 7:15 p.m.13 views

Improper access control

Broken access control for user creation in Pydio Cells 2.2.9 allows remote anonymous users to create standard users via the profile parameter. In addition, such users can be granted several admin permissions via the Roles parameter...

4CVSS6.5AI score0.01109EPSS
Exploits0References3Affected Software1
cve
cve
added 2021/09/30 6:52 p.m.47 views

CVE-2021-41325

CVE-2021-41325 affects Pydio Cells 2.2.9. It has broken access control allowing remote anonymous users to create standard accounts via the profile parameter, and can grant admin permissions via the Roles parameter. This enables unauthorized account creation and potential privilege elevation. Reme...

6.5CVSS6.4AI score0.01109EPSS
Exploits0References3Affected Software1
packetstorm
packetstorm
added 2021/09/07 12:0 a.m.177 views

Backdoor.Win32.Nyara.aq Insecure Permissions

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/dec17541412bbc744b9f458862349e34.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Nyara.aq Vulnerability: Insecure Permissions Description: The malware creates a dir...

7.4AI score
Exploits0
cvelist
cvelist
added 2021/08/10 3:12 p.m.23 views

CVE-2021-37366

CTparental before 4.45.03 is vulnerable to cross-site request forgery CSRF in the CTparental admin panel. By combining CSRF with XSS, an attacker can trick the administrator into clicking a link that cancels the filtering for all standard users...

8.9AI score0.00509EPSS
Exploits0References2
Rows per page
Query Builder