Lucene search
+L

415 matches found

Metasploit
Metasploit
added 2022/10/27 7:51 p.m.245 views

Vagrant Synced Folder Vagrantfile Breakout

This module exploits a default Vagrant synced folder shared folder to append a Ruby payload to the Vagrant project Vagrantfile config file. By default, unless a Vagrant project explicitly disables shared folders, Vagrant mounts the project directory on the host as a writable 'vagrant' directory o...

7.5AI score
Exploits0
Packet Storm
Packet Storm
added 2022/10/27 12:0 a.m.371 views

Vagrant Synced Folder Vagrantfile Breakout

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Vagrant Synced Folder Vagrantfile Breakout', 'Description' = %q This module exploits a default Vagrant synced folder shared folder to append a Ru...

7.4AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2022/10/15 7:0 a.m.10 views

An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute arbitrary commands as root.

...

7.8CVSS7.6AI score0.00227EPSS
Exploits0
Snyk
Snyk
added 2022/10/12 9:54 a.m.3 views

Privilege Escalation

Overview Affected versions of this package are vulnerable to Privilege Escalation due to the recommended sudoers configuration for Vagrant on Linux being insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the...

7.8CVSS7.7AI score0.00227EPSS
Exploits0References2
OSV
OSV
added 2022/10/11 11:15 p.m.8 views

AZL-11115 CVE-2022-42717 affecting package packer for versions less than 1.8.7-1

An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute...

7.8CVSS6AI score0.00227EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/10/11 11:15 p.m.28 views

CVE-2022-42717

An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute...

7.8CVSS7AI score0.00227EPSS
Exploits0References4
OSV
OSV
added 2022/10/11 11:15 p.m.5 views

UBUNTU-CVE-2022-42717

An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute...

7.8CVSS6.1AI score0.00227EPSS
Exploits0References5
CVE
CVE
added 2022/10/11 12:0 a.m.136 views

CVE-2022-42717

CVE-2022-42717 affects Hashicorp Packer prior to 2.3.1. The issue is an insecure sudoers configuration for Vagrant on Linux, where a host configured per the documentation permits non-privileged users to exploit a wildcard in sudoers to execute commands as root. The data in connected sources confi...

7.8CVSS7.9AI score0.00227EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/11 12:0 a.m.12 views

CVE-2022-42717

An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute...

7.5AI score0.00227EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/10/11 12:0 a.m.34 views

CVE-2022-42717

An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute...

8.1AI score0.00227EPSS
Exploits0References3
OSV
OSV
added 2022/10/11 12:0 a.m.17 views

CVE-2022-42717

An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute...

7.8CVSS8AI score0.00227EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/10/11 12:0 a.m.4 views

PT-2022-26517 · Hashicorp · Hashicorp Packer +1

Name of the Vulnerable Software and Affected Versions: Hashicorp Packer versions prior to 2.3.1 Description: An issue was discovered in the recommended sudoers configuration for Vagrant on Linux, which is insecure. Non-privileged users on the host can leverage a wildcard in the sudoers...

7.8CVSS7.8AI score0.00227EPSS
Exploits0References9
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2022/10/10 11:52 p.m.8 views

Vagrant NFS sudoers Configuration Allows for Local Privilege Escalation

Summary Optional sudoers configuration for Vagrant NFS shared folders allows for local privilege escalation Background The documentation associated with Vagrant’s NFS driver for Linux suggested configuring a Vagrant host with a specific sudoers configuration, which removed the need for vagrant...

7.8CVSS7.1AI score0.00227EPSS
Exploits0
Kitploit
Kitploit
added 2022/08/19 12:30 p.m.38 views

crAPI - Completely Ridiculous API

c ompletely r idiculous API crAPI will help you to understand the ten most critical API security risks. crAPI is vulnerable by design, but you'll be able to safely run it to educate/train yourself. crAPI is modern, built on top of a microservices architecture. When time has come to buy your first...

7.3AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/07/28 11:15 a.m.4 views

CVE-2022-37009

In JetBrains IntelliJ IDEA before 2022.2 local code execution via a Vagrant executable was possible...

7.8CVSS6.3AI score0.00242EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/07/28 11:15 a.m.25 views

CVE-2022-37009

In JetBrains IntelliJ IDEA before 2022.2 local code execution via a Vagrant executable was possible...

7.8CVSS0.00242EPSS
Exploits0References1
Prion
Prion
added 2022/07/28 11:15 a.m.27 views

Code injection

In JetBrains IntelliJ IDEA before 2022.2 local code execution via a Vagrant executable was possible...

4.3CVSS7.7AI score0.00242EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/07/28 10:25 a.m.30 views

CVE-2022-37009

In JetBrains IntelliJ IDEA before 2022.2 local code execution via a Vagrant executable was possible...

3.9CVSS8AI score0.00242EPSS
Exploits0References1
CVE
CVE
added 2022/07/28 10:25 a.m.72 views

CVE-2022-37009

JetBrains IntelliJ IDEA prior to 2022.2 is affected by CVE-2022-37009, enabling local code execution through the Vagrant executable. The vulnerability description across sources consistently states that local code execution via Vagrant is possible in affected IntelliJ IDEA versions before 2022.2....

7.8CVSS7.7AI score0.00242EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/07/28 12:0 a.m.5 views

JetBrains IntelliJ IDEA 代码注入漏洞

Jetbrains JetBrains IntelliJ IDEA is a set of integrated development environments for the Java language from the Czech company Jetbrains. A security vulnerability exists in JetBrains IntelliJ IDEA 2022.2 and earlier versions, which stems from the possibility that an attacker could execute native...

7.8CVSS7.5AI score0.00242EPSS
Exploits0References2
Rows per page
Query Builder