
1015 matches found

CVE
added 2021/05/27 12:28 p.m. · 78 views

CVE-2008-2544

CVE-2008-2544 describes a local bypass where mounting the /proc filesystem inside a chroot can occur in read-write mode, allowing a user to bypass the chroot and gain write access to files they would not normally access. The connected documents reiterate the same description but do not provide pr...

5.5 CVSS · 6.3 AI score · 0.00041 EPSS
Exploits 1 · References 1 · Affected Software 1
Debian CVE
added 2021/05/27 12:28 p.m. · 31 views

CVE-2008-2544

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise...

5.5 CVSS · 6.1 AI score · 0.00041 EPSS
Exploits 1
CNNVD
added 2021/05/27 12:0 a.m. · 2 views

Fedora security vulnerability

Fedora is a set of Linux operating systems from the Fedora community. A security vulnerability exists in Fedora's Mounting /proc filesystem, which can be exploited by an attacker to bypass the chroot environment and gain write access to files...

5.5 CVSS · 7.4 AI score · 0.00041 EPSS
Exploits 1 · References 1
OSV
added 2021/03/26 9:15 p.m. · 3 views

CVE-2020-7468

In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a ftpd(8) bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be used to escape the...

8.8 CVSS · 8 AI score · 0.00639 EPSS
Exploits 0 · References 1
OpenVAS
added 2021/03/10 12:0 a.m. · 6 views

SYS.1.3.A10

Services and applications SHOULD be protected with an individual security architecture, e.g. with AppArmor or SELinux. chroot environments as well as LXC or Docker containers SHOULD also be taken into account. It SHOULD be ensured that the supplied default profiles or...

7.3 AI score
Exploits 0 · References 1
Oracle linux
added 2021/03/05 12:0 a.m. · 233 views

container-tools:2.0 security update

buildah 1.11.6-8.0.1 - Reduce unnecessary writable mounts in NaiveDiffDriver Orabug: 31025483 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-8 - exclude i686 arch - Related: 1821193 1.11.6-7 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file...

9.3 CVSS · 7.1 AI score · 0.0041 EPSS
Exploits 1
OSV
added 2020/12/18 7:15 p.m. · 11 views

CVE-2020-20277

There are multiple unauthenticated directory traversal vulnerabilities in different FTP commands in uftpd FTP server versions 2.7 to 2.10 due to improper implementation of a chroot jail in common.c's composeabspath function that can be abused to read or write to arbitrary files on the filesystem,...

9.8 CVSS · 8.2 AI score
Exploits 0 · References 3
Prion
added 2020/12/18 7:15 p.m. · 15 views

Directory traversal

There are multiple unauthenticated directory traversal vulnerabilities in different FTP commands in uftpd FTP server versions 2.7 to 2.10 due to improper implementation of a chroot jail in common.c's composeabspath function that can be abused to read or write to arbitrary files on the filesystem,...

7.5 CVSS · 10 AI score · 0.40518 EPSS
Exploits 4 · References 3 · Affected Software 1
Cvelist
added 2020/12/18 6:9 p.m. · 16 views

CVE-2020-20277

There are multiple unauthenticated directory traversal vulnerabilities in different FTP commands in uftpd FTP server versions 2.7 to 2.10 due to improper implementation of a chroot jail in common.c's composeabspath function that can be abused to read or write to arbitrary files on the filesystem,...

10 AI score · 0.40518 EPSS
Exploits 4 · References 3
Positive Technologies
added 2020/12/18 12:0 a.m. · 13 views

PT-2020-15252 · Uftpd · Uftpd

Name of the Vulnerable Software and Affected Versions: uftpd FTP server versions 2.7 to 2.10 Description: The issue arises from improper implementation of a chroot jail in the compose abspath function in common.c, leading to multiple unauthenticated directory traversal vulnerabilities in differen...

9.8 CVSS · 9.9 AI score · 0.40518 EPSS
Exploits 4 · References 9
Microsoft CVE
added 2020/09/25 7:0 a.m. · 1 views

chroot in GNU coreutils when used with --userspec allows local users to escape to the parent session via a crafted TIOCSTI ioctl call which pushes characters to the terminal's input buffer.

...

6.5 CVSS · 6.8 AI score · 0.00084 EPSS
Exploits 0
FreeBSD Advisory
added 2020/09/15 12:0 a.m. · 20 views

FreeBSD-SA-20:30.ftpd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:30.ftpd Security Advisory The FreeBSD Project Topic: ftpd privilege escalation via ftpchroot feature Category: core Module: ftpd Announced: 2020-09-15...

9 CVSS · 7.3 AI score · 0.00639 EPSS
Exploits 0
NVD
added 2020/06/29 4:15 p.m. · 14 views

CVE-2020-15315

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/axess chroot directory tree...

5.9 CVSS · 0.00286 EPSS
Exploits 1 · References 2
NVD
added 2020/06/29 4:15 p.m. · 13 views

CVE-2020-15318

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/mysql chroot directory tree...

5.9 CVSS · 0.00286 EPSS
Exploits 1 · References 2
OSV
added 2020/06/29 4:15 p.m. · 2 views

CVE-2020-15319

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/mysql chroot directory tree...

5.9 CVSS · 6.7 AI score · 0.00286 EPSS
Exploits 1 · References 2
OSV
added 2020/06/29 4:15 p.m. · 2 views

CVE-2020-15317

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree...

5.9 CVSS · 7.1 AI score · 0.00286 EPSS
Exploits 1 · References 2
NVD
added 2020/06/29 4:15 p.m. · 14 views

CVE-2020-15317

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree...

5.9 CVSS · 0.00286 EPSS
Exploits 1 · References 2
Prion
added 2020/06/29 4:15 p.m. · 13 views

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account within the /opt/axess chroot directory tree...

4.3 CVSS · 5.8 AI score · 0.00286 EPSS
Exploits 1 · References 2 · Affected Software 1
Prion
added 2020/06/29 4:15 p.m. · 16 views

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree...

4.3 CVSS · 5.8 AI score · 0.00286 EPSS
Exploits 1 · References 2 · Affected Software 1
Prion
added 2020/06/29 4:15 p.m. · 16 views

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/axess chroot directory tree...

4.3 CVSS · 5.8 AI score · 0.00286 EPSS
Exploits 1 · References 2 · Affected Software 1