Lucene search
+L

4 matches found

osv
osv
added 2025/05/14 11:54 a.m.2 views

CVE-2025-3931 Yggdrasil: local privilege escalation in yggdrasil

A flaw was found in Yggdrasil, which acts as a system broker, allowing the processes to communicate to other children's "worker" processes through the DBus component. Yggdrasil creates a DBus method to dispatch messages to workers. However, it misses authentication and authorization checks,...

7.8CVSS7.1AI score0.00158EPSS
Exploits0References8
nessus
nessus
added 2023/01/23 12:0 a.m.33 views

RHEL 8 : openstack-selinux (RHSA-2020:4381)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:4381 advisory. The openstack-selinux package is a collection of SELinux policies for running OpenStack on Red Hat Enterprise Linux. Security Fixes: policy flaw allo...

6.5CVSS6.6AI score0.00221EPSS
Exploits0References6
veracode
veracode
added 2020/10/29 10:33 a.m.20 views

Improper Use Of Flawed Policy

openstack-selinux is using flawed policy. policy flaw allows dbus messaging...

6.5CVSS2.5AI score0.00221EPSS
Exploits0References3Affected Software1
redhat
redhat
added 2020/10/28 3:38 p.m.12 views

openstack-selinux: policy flaw allows dbus messaging

An improper authorization flaw was discovered in openstack-selinux's applied policy where it does not prevent a non-root user in a container from privilege escalation. A non-root attacker in one or more Red Hat OpenStack RHOSP containers could send messages to the dbus. With access to the dbus, t...

6.5CVSS5.8AI score0.00221EPSS
Exploits0References4
Rows per page
Query Builder