Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:0 a.m.11 views

CVE-2020-7468

In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a ftpd8 bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be used to escape the...

9CVSS6.8AI score0.0135EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/02/19 4:46 p.m.7 views

CVE-2025-24965

crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed, only the ability for the current...

8.5CVSS7.8AI score0.00533EPSS
Exploits0
CVE
CVE
added 2025/02/19 4:46 p.m.94 views

CVE-2025-24965

CVE-2025-24965 affects crun, an OCI container runtime written in C. A malicious container image could abuse the krun handler to escape the container root filesystem and create or modify files on the host, requiring no special permissions beyond write access to the target file. Affected versions a...

8.5CVSS8.5AI score0.00533EPSS
Exploits0References3
OSV
OSV
added 2025/02/19 4:46 p.m.7 views

CVE-2025-24965 .krun_config.json symlink attack creates or overwrites file on the host in crun

crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed, only the ability for the current...

8.5CVSS8.1AI score0.00533EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2022/01/28 7:9 p.m.10 views

CVE-2021-31567 WordPress Download Monitor plugin <= 4.4.6 - Authenticated Arbitrary File Download vulnerability

Authenticated admin+ Arbitrary File Download vulnerability discovered in Download Monitor WordPress plugin versions = 4.4.6. The plugin allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the &downloadablefileurls0 parameter data. It's also...

6.8CVSS6.6AI score0.01391EPSS
Exploits0References3
Debian
Debian
added 2019/09/03 9:22 p.m.154 views

[SECURITY] [DSA 4513-1] samba security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4513-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 03, 2019 https://www.debian.org/security/faq -...

9.1CVSS8AI score0.03182EPSS
Exploits0
Rows per page
Query Builder