6 matches found
CVE-2020-7468
In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a ftpd8 bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be used to escape the...
CVE-2025-24965
crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed, only the ability for the current...
CVE-2025-24965
CVE-2025-24965 affects crun, an OCI container runtime written in C. A malicious container image could abuse the krun handler to escape the container root filesystem and create or modify files on the host, requiring no special permissions beyond write access to the target file. Affected versions a...
CVE-2025-24965 .krun_config.json symlink attack creates or overwrites file on the host in crun
crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed, only the ability for the current...
CVE-2021-31567 WordPress Download Monitor plugin <= 4.4.6 - Authenticated Arbitrary File Download vulnerability
Authenticated admin+ Arbitrary File Download vulnerability discovered in Download Monitor WordPress plugin versions = 4.4.6. The plugin allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the &downloadablefileurls0 parameter data. It's also...
[SECURITY] [DSA 4513-1] samba security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4513-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 03, 2019 https://www.debian.org/security/faq -...