CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Software: postgresql14 14.16 OS: ROSA Virtualization 3.0 packageevrstring: postgresql14-14.16-1PGDG.rv30 CVE-ID: CVE-2024-10976 BDU-ID: 2024-09684 CVE-Crit: LOW CVE-DESC.: A vulnerability in the CREATE POLICY row-protected table security policy of the PostgreSQL database management system is...

8.8CVSS9.2AI score0.82364EPSS

Exploits11

RedhatCVE•added 2025/02/05 7:32 p.m.•8 views

CVE-2022-39321

GitHub Actions Runner is the application that runs a job from a GitHub Actions workflow. The actions runner invokes the docker cli directly in order to run job containers, service containers, or container actions. A bug in the logic for how the environment is encoded into these docker commands wa...

9.9CVSS7AI score0.0095EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 9:0 a.m.•3 views

CVE-2024-38811

VMware Fusion 13.x before 13.6 contains a code-execution vulnerability due to the usage of an insecure environment variable. A malicious actor with standard user privileges may exploit this vulnerability to execute code in the context of the Fusion application...

8.8CVSS7.2AI score0.00128EPSS

Exploits0

The Hacker News•added 2024/11/15 6:40 a.m.•10 views

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables

Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged users to alter environment variables, and potentially lead to code execution or information disclosure. The vulnerability, tracked as CVE-2024-10979 ,...

8.8CVSS9.5AI score0.06356EPSS

Exploits1

Vulnrichment•added 2023/06/02 12:0 a.m.•5 views

CVE-2023-28163

When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.. This vulnerabilit...

5.9AI score0.00139EPSS

Exploits0References4

OSV•added 2012/09/18 5:55 p.m.•3 views

CVE-2012-4425

libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUSSYSTEMBUSADDRESS environment variable. NOTE: it could be argued that this is a vulnerability in the applications that do...

7.1AI score

Exploits0References9

OSV•added 2006/04/06 10:4 p.m.•5 views

CVE-2006-1629

OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LDPRELOAD environment variable...

7.4AI score

Exploits0References15

exploitpack•added 2005/02/07 12:0 a.m.•11 views

Exim 4.42 - Local Privilege Escalation

Exim 4.42 - Local Privilege Escalation !/bin/sh Local Lame R00T sploit for exim include int mainint argc, char argv char addrptr; addrptr = getenvargv1; printf"%s @ %p\n", argv1, addrptr; return 0; gcc @env.c -o @env cp @env /usr/bin cd /usr/exim/bin CODE=perl -e 'print...

0.8AI score

Exploits0

Exploit DB•added 2004/12/24 12:0 a.m.•70 views

Solaris 7/8/9 CDE LibDTHelp - Local Buffer Overflow (1)

/ $Id: raptorlibdthelp.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorlibdthelp.c - libDtHelp.so local, Solaris/SPARC 7/8/9 Copyright c 2003-2004 Marco Ivaldi Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via a modified DTHELPUSERSEARCHPATH environment...

7.2CVSS7AI score0.00628EPSS

Exploits13

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by