Lucene search
K

53 matches found

OSV
OSV
added 2021/08/25 8:48 p.m.1 views

GHSA-M833-JV95-MFJH Memory safety violation in crayon

An issue was discovered in the crayon crate through 2020-08-31 for Rust. A TOCTOU issue has a resultant memory safety violation via HandleLike...

8.1CVSS5.9AI score0.0087EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2021/08/25 8:48 p.m.35 views

Memory safety violation in crayon

An issue was discovered in the crayon crate through 2020-08-31 for Rust. A TOCTOU issue has a resultant memory safety violation via HandleLike...

8.1CVSS8AI score0.0087EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/12/31 8:24 a.m.31 views

CVE-2020-35889

An issue was discovered in the crayon crate through 2020-08-31 for Rust. A TOCTOU issue has a resultant memory safety violation via HandleLike...

8.2AI score0.0087EPSS
Exploits0References1
CVE
CVE
added 2020/06/15 2:33 p.m.103 views

CVE-2017-18869

CVE-2017-18869 : A TOCTOU vulnerability in the chownr package (Node.js 10.10) could allow a local attacker to trick the code into descending into unintended directories via symlink attacks. Root cause: TOCTOU in chownr.js. Impact: local privilege-limited access through directory traversal. Remedi...

2.5CVSS3.3AI score0.00334EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2020/05/29 7:37 p.m.115 views

CVE-2020-3957

Summary of CVE-2020-3957 : VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior), and VMware Horizon Client for Mac (5.x and prior) contain a local privilege-escalation vulnerability caused by a Time-of-check Time-of-use (TOCTOU) issue in the service opener. Successfu...

7CVSS7.1AI score0.00206EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2020/05/29 7:37 p.m.24 views

CVE-2020-3957

VMware Fusion 11.x before 11.5.5, VMware Remote Console for Mac 11.x and prior and VMware Horizon Client for Mac 5.x and prior contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use TOCTOU issue in the service opener. Successful exploitation of this issue may allow...

7.2AI score0.00206EPSS
Exploits0References1
NVD
NVD
added 2019/12/26 5:15 a.m.21 views

CVE-2019-20000

The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted...

5.9CVSS5.6AI score0.00561EPSS
Exploits1References1
Prion
Prion
added 2019/12/26 5:15 a.m.14 views

Code injection

The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted...

5.8CVSS5.6AI score0.00561EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/12/26 4:7 a.m.18 views

CVE-2019-20000

The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted...

5.6AI score0.00561EPSS
Exploits1References1
CVE
CVE
added 2019/12/26 4:7 a.m.52 views

CVE-2019-20000

CVE-2019-20000 affects BullGuard Premium Protection 20.0.371.8. The vulnerability is a TOCTOU issue in the malware scan function that allows a symbolic-link attack, enabling privileged files to be deleted. Connected sources confirm the issue across Red Hat and CVE records, with no explicit exploi...

5.9CVSS5.5AI score0.00561EPSS
Exploits1References1Affected Software1
OpenVAS
OpenVAS
added 2018/05/30 12:0 a.m.146 views

Kaseya Virtual System Administrator Agent <= 9.4.0.36 Local Privilege Escalation Vulnerability

Kaseya Virtual System Administrator agent is prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

7.4CVSS7.5AI score0.00251EPSS
Exploits5References2
Prion
Prion
added 2018/03/06 4:29 p.m.14 views

Design/Logic Flaw

NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges. This issue is rated as moderate...

4.4CVSS7.2AI score0.001EPSS
Exploits0References1Affected Software1
Oracle linux
Oracle linux
added 2007/05/17 12:0 a.m.64 views

Low unzip security and bug fix update

5.51-9.EL4.5 - Resolves: 230558 problem in patch4 unzipped file permissions 5.51-8.EL4.5 - fix problem with 4GB files which are not compressed 5.51-7.EL4.5 - fix 164927 - TOCTOU issue in unzip - fix 178960 - unzip long filename buffer overflow - fix 199104 - add large file support return Lon's 4G...

3.7CVSS1.3AI score0.01481EPSS
Exploits1
Rows per page
Query Builder