CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

384 matches found

RedhatCVE•added 2020/09/09 9:27 p.m.•46 views

CVE-2020-25211

A flaw was found in the Linux kernel. A local attacker, able to inject conntrack netlink configuration, could overflow a local buffer causing crashes or triggering the use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c. The highest threat from thi...

6.7CVSS6.8AI score0.00566EPSS

Exploits1References4

RedhatCVE•added 2020/09/07 5:48 a.m.•53 views

CVE-2020-14386

A flaw was found in the Linux kernel. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation If the CAPNETRAW capability disabled by...

7.8CVSS1.1AI score0.01319EPSS

Exploits1References5

OpenVAS•added 2020/08/31 12:0 a.m.•26 views

Huawei EulerOS: Security Advisory for bubblewrap (EulerOS-SA-2020-1838)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS7.1AI score0.00907EPSS

Exploits0References2

Tenable Nessus•added 2020/08/28 12:0 a.m.•35 views

EulerOS 2.0 SP8 : bubblewrap (EulerOS-SA-2020-1838)

According to the version of the bubblewrap package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Bubblewrap bwrap before version 0.4.1, if installed in setuid mode and the kernel supports unprivileged user namespaces, then the bwrap --userns...

8.5CVSS6.9AI score0.00907EPSS

Exploits0References2

OSV•added 2020/05/09 6:15 p.m.•6 views

CVE-2019-20794

An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID...

4.7CVSS6.5AI score

Exploits0References4

UbuntuCve•added 2020/05/09 6:15 p.m.•20 views

CVE-2019-20794

4.7CVSS6.7AI score0.00512EPSS

Exploits1References4

CVE•added 2020/05/09 5:35 p.m.•200 views

CVE-2019-20794

CVE-2019-20794 : The Linux kernel versions 4.18–5.6.11 are affected when unprivileged user namespaces are allowed. A user can create their own PID namespace and mount a FUSE filesystem; if the userspace component is terminated by killing PID 1, the interaction with the FUSE mount can hang the tas...

4.7CVSS4.5AI score0.00512EPSS

Exploits1References4Affected Software1

Cvelist•added 2020/05/09 5:35 p.m.•29 views

CVE-2019-20794

4.4AI score0.00512EPSS

Exploits1References4

Tenable Nessus•added 2020/04/16 12:0 a.m.•31 views

Fedora 31 : bubblewrap (2020-a4206f14f1)

Update to 0.4.1 This release fixes a privilege escalation bug pointed out by Stephen Rttger, where in some setups bubblewrap can be used to gain root permissions. Only version 0.4.0 is vulnerable, and only if installed setuid while at the same time the kernel supports unprivileged user namespaces...

5.5AI score

Exploits0References1

RedhatCVE•added 2020/04/13 9:5 p.m.•30 views

CVE-2020-5291

Bubblewrap bwrap before version 0.4.1, if installed in setuid mode and the kernel supports unprivileged user namespaces, then the bwrap --userns2 option can be used to make the setuid process keep running as root while being traceable. This can in turn be used to gain root permissions. Note that...

8.5CVSS4AI score0.00907EPSS

Exploits0References3