23 matches found
EUVD-2022-27018
Malicious code in bioql PyPI...
CVE-2025-3047
When running the AWS Serverless Application Model Command Line Interface SAM CLI build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A use...
AWS SAM CLI Path Traversal allows file copy to build container
Summary The AWS Serverless Application Model Command Line Interface AWS SAM CLI is an open-source CLI tool that helps Lambda developers to build and develop Lambda applications locally on their computers using Docker. When running the AWS SAM CLI build process with Docker and symlinks are include...
CVE-2025-3047
When running the AWS Serverless Application Model Command Line Interface SAM CLI build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A use...
CVE-2025-3048
After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...
CVE-2025-3047
When running the AWS Serverless Application Model Command Line Interface SAM CLI build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A use...
CVE-2025-3048
After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...
CVE-2025-3048
CVE-2025-3048 concerns AWS SAM CLI. When building with Docker (--use-container) and symlinks are included, the content of those symlinks can be copied into the SAM CLI cache as regular files/directories, potentially exposing privileged host files to users within the local workspace. This affects ...
CVE-2025-3048 Path Traversal in AWS SAM CLI allows file copy to local cache
After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...
CVE-2025-3047
CVE-2025-3047 affects the AWS SAM CLI when building with Docker in the local workspace. The issue arises from symlinks in build files, enabling a user to access privileged host files through the container’s elevated permissions. Impact is limited to local workspaces using container builds and doe...
The vulnerability of the Windows Application Model Core API of the operating system allows attackers to enhance their privileges.
The vulnerability of the Windows Application Model Core API component of the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...
CVE-2022-21862
Windows Application Model Core API Elevation of Privilege Vulnerability...
CVE-2022-21862
Windows Application Model Core API Elevation of Privilege Vulnerability...
CVE-2022-21862
Windows Application Model Core API Elevation of Privilege Vulnerability...
Privilege escalation
Windows Application Model Core API Elevation of Privilege Vulnerability...
CVE-2022-21862 Windows Application Model Core API Elevation of Privilege Vulnerability
...
Windows Application Model Core API Elevation of Privilege Vulnerability
...
PT-2022-1516 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insecure privilege management in the Windows Application Model Core API, which can be exploited to elevate privileges. This could allow an attacker to affect the...
Microsoft Windows 权限许可和访问控制问题漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A vulnerability exists in Microsoft Windows Application Model with privilege permission and access control issues. The following products and versions are affected:Windows 10 for x64-base...
[SECURITY] Fedora 32 Update: eclipse-gef-3.11.0-13.fc32
The Graphical Editing Framework GEF allows developers to create a rich graphical editor from an existing application model. GEF is completely application neutral and provides the groundwork to build almost any application, including but not limited to: activity diagrams, GUI builders, class diagr...