Low: runc

Issue Overview: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between t...

CVE-2024-41909

Like many other SSH implementations, Apache MINA SSHD suffered from the issue that is more widely known as CVE-2023-48795. An attacker that can intercept traffic between client and server could drop certain packets from the stream, potentially causing client and server to consequently end up with...

CVE-2018-10233

CVE-2018-10233 affects the WordPress User Profile & Membership plugin (Ultimate Member) before 2.0.7. A CSRF flaw with no mitigations is present throughout the plugin, potentially allowing unauthorized operations. Affected component: the plugin’s core/profile/membership functions; root cause: lac...

Microsoft Windows Kernel - 'win32k!NtGdiGetGlyphOutline' Pool Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1267&desc=2 We have discovered that the win32k!NtGdiGetGlyphOutline system call handler may disclose large portions of uninitialized pool memory to user-mode clients. The function first allocates memory using...