Lucene search
K

155 matches found

ossf
ossf
added 2022/06/20 8:26 p.m.5 views

Malicious code in edu-front-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7ab7edc7cfa5c4bd5b84454746103bcf43864d117d2dfff998d18b32d607b2f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
osv
osv
added 2022/06/20 8:26 p.m.10 views

MAL-2022-2670 Malicious code in edu-front-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7ab7edc7cfa5c4bd5b84454746103bcf43864d117d2dfff998d18b32d607b2f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
openbugbounty
openbugbounty
added 2022/04/24 7:4 p.m.12 views

edu-knigi.com Cross Site Scripting vulnerability OBB-2551895

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
openvas
openvas
added 2022/02/15 12:0 a.m.18 views

Debian: Security Advisory (DSA-5072-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.7AI score0.01615EPSS
Exploits0References4
nessus
nessus
added 2022/02/14 12:0 a.m.24 views

Debian DSA-5072-1 : debian-edu-config - security update

The remote Debian 10 / 11 host has a package installed that is affected by a vulnerability as referenced in the dsa-5072 advisory. - It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user w...

9.8CVSS8.3AI score0.01615EPSS
Exploits0References6
nessus
nessus
added 2022/02/13 12:0 a.m.24 views

Debian DLA-2918-1 : debian-edu-config - LTS security update

The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2918 advisory. Marcel Neumann, Robert Altschaffel, Loris Guba and Dustin Hermann discovered that debian-edu-config, a set of configuration files used for the Debian Edu blend configured...

9.8CVSS8.1AI score0.01615EPSS
Exploits0References5
osv
osv
added 2022/02/12 12:0 a.m.22 views

DLA-2918-1 debian-edu-config - security update

Bulletin has no description...

9.8CVSS9.4AI score0.01615EPSS
Exploits0
openvas
openvas
added 2022/02/12 12:0 a.m.21 views

Debian: Security Advisory (DLA-2918-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.7AI score0.01615EPSS
Exploits0References4
debian
debian
added 2022/02/11 9:39 p.m.29 views

[SECURITY] [DLA 2918-1] debian-edu-config security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2918-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta February 12, 2022 https://wiki.debian.org/LTS -...

9.8CVSS9.5AI score0.01615EPSS
Exploits0
nvd
nvd
added 2022/02/11 8:15 p.m.27 views

CVE-2021-20001

It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares /publichtml, which could result in privilege escalation...

9.8CVSS0.01615EPSS
Exploits0References4
osv
osv
added 2022/02/11 8:15 p.m.9 views

CVE-2021-20001

It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares /publichtml, which could result in privilege escalation...

9.8CVSS9.5AI score
Exploits0References4
osv
osv
added 2022/02/11 8:15 p.m.1 views

DEBIAN-CVE-2021-20001

It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares /publichtml, which could result in privilege escalation...

9.8CVSS8.6AI score0.01615EPSS
Exploits0References1
prion
prion
added 2022/02/11 8:15 p.m.17 views

Privilege escalation

It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares /publichtml, which could result in privilege escalation...

7.5CVSS9.4AI score0.01615EPSS
Exploits0References4Affected Software2
cvelist
cvelist
added 2022/02/11 7:50 p.m.22 views

CVE-2021-20001

It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares /publichtml, which could result in privilege escalation...

9.7AI score0.01615EPSS
Exploits0References4
cve
cve
added 2022/02/11 7:50 p.m.110 views

CVE-2021-20001

CVE-2021-20001 affects debian-edu-config prior to 2.12.16, where insecure permissions on user web shares (~/public_html) could allow privilege escalation. Debian advisories (DSA-5072-1, DLA-2918-1) document the issue and its fix; for Debian 9, the fix is in 1.929+deb9u5. Multiple feeds (NVD entry...

9.8CVSS9.3AI score0.01615EPSS
Exploits0References4Affected Software1
debiancve
debiancve
added 2022/02/11 7:50 p.m.60 views

CVE-2021-20001

It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares /publichtml, which could result in privilege escalation...

9.8CVSS9.5AI score0.01615EPSS
Exploits0
debian
debian
added 2022/02/11 6:26 p.m.22 views

[SECURITY] [DSA 5072-1] debian-edu-config security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5072-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 11, 2022 https://www.debian.org/security/faq -...

9.8CVSS9.5AI score0.01615EPSS
Exploits0
osv
osv
added 2022/02/11 12:0 a.m.16 views

DSA-5072-1 debian-edu-config - security update

Bulletin has no description...

9.8CVSS9.4AI score0.01615EPSS
Exploits0
veracode
veracode
added 2022/02/08 12:52 a.m.28 views

Privilege Escalation

debian-edu-config is vulnerable to privilege escalation. The vulnerability exists due to lack of validation of the authorization in the configuration files...

9.8CVSS3.5AI score0.01615EPSS
Exploits0References5Affected Software1
openbugbounty
openbugbounty
added 2022/01/20 12:50 p.m.8 views

edu-science.com Improper Access Control vulnerability OBB-2341203

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

0.1AI score
Exploits0
Rows per page
Query Builder