MiracleLinux 4 : kernel-2.6.32-573.12.1.el6 (AXSA:2016-018:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-018:01 advisory. Security issues fixed with this release: CVE-2015-2925 The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly...

MiracleLinux 7 : bind-9.9.4-74.1.0.1.el7.AXS7 (AXSA:2019-3897:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3897:03 advisory. Security Fix - CVE-2018-5743 CVE CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding description block directly from the MiracleLinux security...

CVE-2021-47785

Ether MP3 CD Burner 1.3.8 contains a buffer overflow vulnerability in the registration name field that allows remote code execution. Attackers can craft a malicious payload to overwrite SEH handlers and execute a bind shell on port 3110 by exploiting improper input validation...

CVE-2021-47785

CVE-2021-47785 affects Ether MP3 CD Burner 1.3.8. A buffer overflow in the registration name field enables remote code execution by overwriting SEH handlers to run a payload that can open a bind shell on port 3110. The available connected documents confirm the vulnerable component and impact but ...

CVE-2021-47785 Ether_MP3_CD_Burner 1.3.8 - Buffer Overflow (SEH)

Ether MP3 CD Burner 1.3.8 contains a buffer overflow vulnerability in the registration name field that allows remote code execution. Attackers can craft a malicious payload to overwrite SEH handlers and execute a bind shell on port 3110 by exploiting improper input validation...

CVE-2021-47785 Ether_MP3_CD_Burner 1.3.8 - Buffer Overflow (SEH)

Ether MP3 CD Burner 1.3.8 contains a buffer overflow vulnerability in the registration name field that allows remote code execution. Attackers can craft a malicious payload to overwrite SEH handlers and execute a bind shell on port 3110 by exploiting improper input validation...

runc: container escape via 'masked path' abuse due to mount race conditions

A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...

runc: container escape with malicious config due to /dev/console mount and related races

A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...

runc: container escape with malicious config due to /dev/console mount and related races

A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...

CVE-2021-47799

Visual Tools DVR VX16 version 4.2.28 contains a local privilege escalation vulnerability in its Sudo configuration that allows attackers to gain root access. Attackers can exploit the unsafe Sudo settings by using mount commands to bind a shell, enabling unauthorized system-level privileges...

CVE-2021-47775

YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a...

CVE-2021-47774

Kingdia CD Extractor 3.0.2 contains a buffer overflow vulnerability in the registration name field that allows attackers to execute arbitrary code. Attackers can craft a malicious payload exceeding 256 bytes to overwrite Structured Exception Handler and gain remote code execution through a bind...

CVE-2021-47799

CVE-2021-47799 affects Visual Tools DVR VX16 version 4.2.28. The vulnerability is a local privilege escalation in the product’s Sudo configuration, where unsafe sudo settings allow an attacker to gain root access by using mount commands to bind a shell. The impact is system‑level privileges escal...

CVE-2021-47799 Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation

Visual Tools DVR VX16 version 4.2.28 contains a local privilege escalation vulnerability in its Sudo configuration that allows attackers to gain root access. Attackers can exploit the unsafe Sudo settings by using mount commands to bind a shell, enabling unauthorized system-level privileges...

CVE-2021-47799 Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation

Visual Tools DVR VX16 version 4.2.28 contains a local privilege escalation vulnerability in its Sudo configuration that allows attackers to gain root access. Attackers can exploit the unsafe Sudo settings by using mount commands to bind a shell, enabling unauthorized system-level privileges...

EUVD-2026-2754

Visual Tools DVR VX16 version 4.2.28 contains a local privilege escalation vulnerability in its Sudo configuration that allows attackers to gain root access. Attackers can exploit the unsafe Sudo settings by using mount commands to bind a shell, enabling unauthorized system-level privileges...

CVE-2021-47799

Visual Tools DVR VX16 version 4.2.28 contains a local privilege escalation vulnerability in its Sudo configuration that allows attackers to gain root access. Attackers can exploit the unsafe Sudo settings by using mount commands to bind a shell, enabling unauthorized system-level privileges...

CVE-2021-47775 YouTube Video Grabber 1.9.9.1 - Buffer Overflow (SEH)

YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a...

CVE-2021-47775

CVE-2021-47775 affects YouTube Video Grabber (also called YouTube Downloader) version 1.9.9.1. The issue is a buffer overflow that allows arbitrary code execution by overwriting the Structured Exception Handler (SEH). An attacker can craft a 712-byte payload with SEH manipulation to trigger a bin...

CVE-2021-47775 YouTube Video Grabber 1.9.9.1 - Buffer Overflow (SEH)

YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a...