Lucene search
K

42 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2017-7303

Malware in sbrugna...

7CVSS6.9AI score0.00902EPSS
Exploits3References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-8047

Malware in sbrugna...

7.8CVSS7.7AI score0.00429EPSS
Exploits1References2
CNVD
CNVD
added 2018/04/17 12:0 a.m.4 views

Hashicorp vagrant-vmware-fusion elevation of privilege vulnerability

Hashicorp vagrant-vmware-fusion is a tool for building and managing virtual machine environments on VMware virtual machines developed by HashiCorp, USA. A security vulnerability exists in Hashicorp vagrant-vmware-fusion versions 4.0.25 through 5.0.4. An attacker can exploit the vulnerability to...

7.8CVSS6.9AI score0.00429EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/17 12:0 a.m.4 views

Hashicorp vagrant-vmware-fusion local elevation of privilege vulnerability

Hashicorp vagrant-vmware-fusion is a tool for building and managing virtual machine environments on VMware virtual machines developed by HashiCorp, USA. vagrant update is one of the update processes. A security vulnerability exists in the vagrant update process in Hashicorp vagrant-vmware-fusion...

7.8CVSS6.9AI score0.00309EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/17 12:0 a.m.3 views

Hashicorp vagrant-vmware-fusion local elevation of privilege vulnerability (CNVD-2018-09642)

Hashicorp vagrant-vmware-fusion is a tool for building and managing virtual machine environments on VMware virtual machines developed by HashiCorp, USA. A security vulnerability exists in Hashicorp vagrant-vmware-fusion version 5.0.4. A local attacker could exploit the vulnerability to gain root...

7CVSS6.9AI score0.00326EPSS
Exploits1References1
OSV
OSV
added 2018/03/29 10:29 p.m.1 views

CVE-2017-16512

The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are available...

7.8CVSS5.8AI score0.00309EPSS
Exploits1References1
NVD
NVD
added 2018/03/29 10:29 p.m.13 views

CVE-2017-16839

Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root privileges if VMware Fusion is not installed...

7CVSS6.8AI score0.00326EPSS
Exploits1References1
OSV
OSV
added 2018/03/29 10:29 p.m.0 views

CVE-2017-16839

Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root privileges if VMware Fusion is not installed...

7CVSS5.8AI score0.00326EPSS
Exploits1References1
NVD
NVD
added 2018/03/29 10:29 p.m.12 views

CVE-2017-16873

It is possible to exploit an unsanitized PATH in the suid binary that ships with vagrant-vmware-fusion 4.0.25 through 5.0.4 in order to escalate to root privileges...

7.8CVSS7.8AI score0.00429EPSS
Exploits1References1
OSV
OSV
added 2018/03/29 10:29 p.m.2 views

CVE-2017-16873

It is possible to exploit an unsanitized PATH in the suid binary that ships with vagrant-vmware-fusion 4.0.25 through 5.0.4 in order to escalate to root privileges...

7.8CVSS5.8AI score0.00429EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/03/29 10:0 p.m.14 views

CVE-2017-16839

Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root privileges if VMware Fusion is not installed...

6.8AI score0.00326EPSS
Exploits1References1
CVE
CVE
added 2018/03/29 10:0 p.m.37 views

CVE-2017-16512

The CVE-2017-16512 entry describes a local privilege escalation in Hashicorp vagrant-vmware-fusion, affecting versions 5.0.2 through 5.0.4. The vulnerability exists in the vagrant update process and lets a local attacker steal root privileges via a crafted update request when no updates are avail...

7.8CVSS7.3AI score0.00309EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/03/29 10:0 p.m.17 views

CVE-2017-16873

It is possible to exploit an unsanitized PATH in the suid binary that ships with vagrant-vmware-fusion 4.0.25 through 5.0.4 in order to escalate to root privileges...

7.8AI score0.00429EPSS
Exploits1References1
CVE
CVE
added 2018/03/29 10:0 p.m.51 views

CVE-2017-16839

CVE-2017-16839 affects Hashicorp vagrant-vmware-fusion 5.0.4. Connected sources confirm a local elevation of privilege: a local attacker could obtain root privileges, with the NVD note tying this to scenarios where VMware Fusion is not installed. The CNVD entry reinforces a local privilege escala...

7CVSS6.7AI score0.00326EPSS
Exploits1References1Affected Software1
Packet Storm
Packet Storm
added 2017/12/06 12:0 a.m.46 views

Hashicorp vagrant-vmware-fusion 5.0.0 Local Privilege Escalation

After three CVEs and multiple exploits disclosed to Hashicorp they have finally upped their game with this plugin. Now the previously vulnerable non-root-owned ruby code that get executed as root by the sudo helper is no more and the sudo helper itself is one static Go binary with...

6.9CVSS0.9AI score0.00902EPSS
Exploits3
exploitpack
exploitpack
added 2017/12/06 12:0 a.m.29 views

Hashicorp vagrant-vmware-fusion 5.0.0 - Local Privilege Escalation

Hashicorp vagrant-vmware-fusion 5.0.0 - Local Privilege Escalation After three CVEs and multiple exploits disclosed to Hashicorp they have finally upped their game with this plugin. Now the previously vulnerable non-root-owned ruby code that get executed as root by the sudo helper is no more and...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2017/12/06 12:0 a.m.26 views

Hashicorp vagrant-vmware-fusion 4.0.23 - Local Privilege Escalation

Hashicorp vagrant-vmware-fusion 4.0.23 - Local Privilege Escalation A couple of weeks ago I disclosed a local root privesc in Hashicorp's vagrant-vmware-fusion plugin: https://m4.rkw.io/blog/cve20177642-local-root-privesc-in-hashicorp-vagrantvmw... The initial patch they released was 4.0.21 which...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2017/12/06 12:0 a.m.24 views

Hashicorp vagrant-vmware-fusion 5.0.1 - Local Privilege Escalation

Hashicorp vagrant-vmware-fusion 5.0.1 - Local Privilege Escalation I recently blogged about how the installation process of version 5.0.0 of this plugin could be hihacked by a local attacker or malware in order to escalate privileges to root. Hashicorp pushed some mitigations for this issue fairl...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2017/12/06 12:0 a.m.109 views

Hashicorp vagrant-vmware-fusion 4.0.24 - Local Privilege Escalation

Hashicorp vagrant-vmware-fusion 4.0.24 - Local Privilege Escalation I have previously disclosed a couple of bugs in Hashicorp's vagrant-vmware-fusion plugin for vagrant. Unfortunately the 4.0.23 release which was supposed to fix the previous bug I reported didn't address the issue, so Hashicorp...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2017/12/06 12:0 a.m.134 views

Hashicorp vagrant-vmware-fusion 5.0.3 Local Privilege Escalation

Another day, another root privesc bug in this plugin. Not quite so serious this time - this one is only exploitable if the user has the plugin installed but VMware Fusion not installed. This is a fairly unlikely scenario but it's a straight to root privesc with no user interaction so isn't the ki...

7.2CVSS0.7AI score0.00984EPSS
Exploits3
Rows per page
Query Builder