50 matches found

RustSec
added 2024/12/18 12:0 p.m., 5 views

Malicious plugin names, recipients, or identities can cause arbitrary binary execution

A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided through an attacker-controlled input to the following age APIs when the plugin feature flag is enabled: - age::plugin::Identity::from_str or equivalently str::parse:: ...

7.3 AI score
Exploits 0, Affected Software 1

OSV
added 2024/12/18 12:0 p.m., 5 views

RUSTSEC-2024-0432 Malicious plugin names, recipients, or identities can cause arbitrary binary execution

A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided to the rage CLI through an attacker-controlled recipient or identity string, or an attacker-controlled plugin name via the -j flag. On UNIX systems, a directory...

7.3 AI score
Exploits 0, References 3

OSV
added 2024/12/18 12:0 p.m., 6 views

RUSTSEC-2024-0433 Malicious plugin names, recipients, or identities can cause arbitrary binary execution

A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided through an attacker-controlled input to the following age APIs when the plugin feature flag is enabled: - age::plugin::Identity::from_str or equivalently str::parse:: ...

7.3 AI score
Exploits 0, References 3

GitLab Advisory Database
added 2024/12/18 12:0 a.m., 9 views

age vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution

A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided to the age CLI through an attacker-controlled recipient or identity string, or to the plugin.NewIdentity, plugin.NewIdentityWithoutData, or plugin.NewRecipient APIs. ...

7.5 AI score
Exploits 0, References 5, Affected Software 1

GitLab Advisory Database
added 2024/12/18 12:0 a.m., 2 views

rage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution

A plugin name containing a path separator may allow an attacker to execute an arbitrary binary...

6.1 AI score
Exploits 0, References 6, Affected Software 1

FreeBSD
added 2024/12/18 12:0 a.m., 7 views

age -- age vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution

Filippo Valsorda reports: A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided to the age CLI through an attacker-controlled recipient or identity string, or to the plugin.NewIdentity, plugin.NewIdentityWithoutData, or...

7.6 AI score
Exploits 0, References 1

Veracode
added 2024/04/30 5:54 a.m., 18 views

Privilege Escalation

github.com/projectcalico/calico/ is vulnerable to Privilege Escalation. The vulnerability is due to an incorrect SUID bit configuration in the Calico CNI install binary which, combined with the ability to control the input binary, allows an attacker to execute an arbitrary binary with elevated privileg...

6.7 CVSS, 7.4 AI score, 0.0022 EPSS
Exploits 0, References 6, Affected Software 1

NVD
added 2024/04/29 11:15 p.m., 13 views

CVE-2024-33522

In vulnerable versions of Calico v3.27.2 and below, Calico Enterprise v3.19.0-1, v3.18.1, v3.17.3 and below, and Calico Cloud v19.2.0 and below, an attacker who has local access to the Kubernetes node can escalate their privileges by exploiting a vulnerability in the Calico CNI install binary. T...

6.7 CVSS, 6.7 AI score, 0.0022 EPSS
Exploits 0, References 4

ATTACKERKB
added 2023/05/30 8:57 a.m., 4 views

CVE-2023-28700

OMICARD EDM backend system’s file uploading function does not restrict upload of file with dangerous type. A local area network attacker with administrator privileges can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt servic...

6.8 CVSS, 6 AI score, 0.00328 EPSS
Exploits 0, References 2

OSV
added 2023/01/26 9:18 p.m., 1 views

CVE-2022-48199

SoftPerfect NetWorx 7.1.1 on Windows allows an attacker to execute a malicious binary with potentially higher privileges via a low-privileged user account that abuses the Notifications function. The Notifications function allows for arbitrary binary execution and can be modified by any user. The...

8.8 CVSS, 6.1 AI score, 0.00689 EPSS
Exploits 0, References 2

NVD
added 2023/01/26 9:18 p.m., 24 views

CVE-2022-48199

SoftPerfect NetWorx 7.1.1 on Windows allows an attacker to execute a malicious binary with potentially higher privileges via a low-privileged user account that abuses the Notifications function. The Notifications function allows for arbitrary binary execution and can be modified by any user. The...

8.8 CVSS, 8.8 AI score, 0.00689 EPSS
Exploits 0, References 2

Prion
added 2023/01/26 9:18 p.m., 16 views

Design/Logic Flaw

SoftPerfect NetWorx 7.1.1 on Windows allows an attacker to execute a malicious binary with potentially higher privileges via a low-privileged user account that abuses the Notifications function. The Notifications function allows for arbitrary binary execution and can be modified by any user. The...

6.5 CVSS, 8.7 AI score, 0.00689 EPSS
Exploits 0, References 2, Affected Software 1

CVE
added 2023/01/24 12:0 a.m., 47 views

CVE-2022-48199

SoftPerfect NetWorx 7.1.1 (Windows) is affected by a vulnerability where the Notifications function can be modified by any user to execute an arbitrary binary, potentially with higher privileges, and the resulting binary runs in the context of every user running NetWorx. The root cause is the abi...

8.8 CVSS, 8.7 AI score, 0.00689 EPSS
Exploits 0, References 2, Affected Software 1

Vulnrichment
added 2023/01/24 12:0 a.m., 3 views

CVE-2022-48199

SoftPerfect NetWorx 7.1.1 on Windows allows an attacker to execute a malicious binary with potentially higher privileges via a low-privileged user account that abuses the Notifications function. The Notifications function allows for arbitrary binary execution and can be modified by any user. The...

7.5 AI score, 0.00689 EPSS
Exploits 0, References 2

OSV
added 2022/02/18 1:7 a.m., 7 views

USN-5292-2 snapd vulnerabilities

USN-5292-1 fixed vulnerabilities in snapd. This update provides the corresponding update for the riscv64 architecture. Original advisory details: James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly use this issue to...

8.8 CVSS, 7 AI score, 0.00966 EPSS
Exploits 5, References 5

CNNVD
added 2021/12/17 12:0 a.m., 3 views

Longhorn Access Control Error Vulnerability

Longhorn is a cloud-native distributed storage system built on Kubernetes. Longhorn suffers from an Access Control Error vulnerability that stems from SUSE Longhorn allowing any workload in a cluster to execute any binary file in an image on the host without authentication...

9.6 CVSS, 8.4 AI score, 0.00664 EPSS
Exploits 0, References 3

CNNVD
added 2021/04/20 12:0 a.m., 2 views

Lex Li vscode-restructuredtext Access Control Error Vulnerability

Lex Li vscode-restructuredtext is a Lex Li open source application. This extension provides rich reStructuredText language support for Visual Studio Code. An access control error vulnerability exists in versions prior to Lex Li vscode-restructuredtext 146.0.0, which stems from the inclusion of an...

9.8 CVSS, 5.9 AI score, 0.0163 EPSS
Exploits 0, References 4

CVE
added 2021/03/31 4:58 p.m., 40 views

CVE-2021-29658

The CVE-2021-29658 entry concerns the vscode-rufo extension for Visual Studio Code, specifically versions before 0.0.4. The vulnerability allows an attacker to execute arbitrary binaries/code when a user opens a crafted workspace folder. Concrete details across connected documents consistently de...

8.8 CVSS, 8.8 AI score, 0.01243 EPSS
Exploits 0, References 3, Affected Software 1

NVD
added 2021/03/22 7:15 a.m., 9 views

CVE-2021-28956

The unofficial vscode-sass-lint aka Sass Lint extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

8.8 CVSS, 0.01539 EPSS
Exploits 0, References 4

CNNVD
added 2021/03/22 12:0 a.m., 1 views

Microsoft Visual Studio Code Security Vulnerability

Microsoft Visual Studio Code is an open source code editor from Microsoft Corporation USA. A security vulnerability in Microsoft Visual Studio Code vscode-sass-lint 1.0.7 allows an attacker to execute arbitrary binaries when a user opens a crafted workspace...

8.8 CVSS, 8.4 AI score, 0.01539 EPSS
Exploits 0, References 6