Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

225 matches found

OSV
OSVadded 2022/02/25 11:15 a.m.25 views

CVE-2022-25328

The bashcompletion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a malicious mountpoin...

7.3CVSS7.7AI score
Exploits0References1
Prion
Prionadded 2022/02/25 11:15 a.m.16 views

Code injection

The PAM module for fscrypt doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. A local user can cause a denial of service by creating a fscrypt metadata file that prevents other users from logging into the...

2.1CVSS5.3AI score0.00107EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2022/02/25 11:15 a.m.12 views

Design/Logic Flaw

fscrypt through v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust filesystem space. We recommend upgrading to fscrypt 0.3.3 or above and adjusting the permissions on existing fscrypt metadata directories where applicable...

2.1CVSS5.3AI score0.00126EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2022/02/25 11:15 a.m.15 views

Design/Logic Flaw

The bashcompletion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a malicious mountpoin...

7.2CVSS7.6AI score0.00195EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2022/02/25 11:15 a.m.0 views

UBUNTU-CVE-2022-25326

fscrypt through v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust filesystem space. We recommend upgrading to fscrypt 0.3.3 or above and adjusting the permissions on existing fscrypt metadata directories where applicable...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References4
OSV
OSVadded 2022/02/25 11:15 a.m.1 views

UBUNTU-CVE-2022-25328

The bashcompletion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a malicious mountpoin...

7.3CVSS7.1AI score0.00195EPSS
Exploits0References4
OSV
OSVadded 2022/02/25 11:15 a.m.0 views

UBUNTU-CVE-2022-25327

The PAM module for fscrypt doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. A local user can cause a denial of service by creating a fscrypt metadata file that prevents other users from logging into the...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2022/02/25 11:0 a.m.4 views

CVE-2022-25328 Privilege escalation through command injection in fscrypt

The bashcompletion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a malicious mountpoin...

5CVSS7.7AI score0.00195EPSS
Exploits0References1
Cvelist
Cvelistadded 2022/02/25 11:0 a.m.36 views

CVE-2022-25328 Privilege escalation through command injection in fscrypt

The bashcompletion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a malicious mountpoin...

5CVSS7.9AI score0.00195EPSS
Exploits0References1
CVE
CVEadded 2022/02/25 11:0 a.m.99 views

CVE-2022-25328

The CVE-2022-25328 issue concerns the bash_completion script in Google fscrypt. The vulnerability arises from the bash_completion mechanism: a local attacker who can influence mountpoint paths can inject commands through crafted mountpoint names when the script performs completion. This could lea...

7.3CVSS6.5AI score0.00195EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVEadded 2022/02/25 11:0 a.m.38 views

CVE-2022-25328

The bashcompletion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a malicious mountpoin...

7.3CVSS7.6AI score0.00195EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2022/02/25 11:0 a.m.4 views

CVE-2022-25327 Local Denial of Service in fscrypt PAM module

The PAM module for fscrypt doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. A local user can cause a denial of service by creating a fscrypt metadata file that prevents other users from logging into the...

5.5CVSS5.3AI score0.00107EPSS
Exploits0References1
Cvelist
Cvelistadded 2022/02/25 11:0 a.m.23 views

CVE-2022-25327 Local Denial of Service in fscrypt PAM module

The PAM module for fscrypt doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. A local user can cause a denial of service by creating a fscrypt metadata file that prevents other users from logging into the...

5.5CVSS5.6AI score0.00107EPSS
Exploits0References1
CVE
CVEadded 2022/02/25 11:0 a.m.84 views

CVE-2022-25327

CVE-2022-25327 affects the PAM module for fscrypt, where inadequate validation of fscrypt metadata files lets a local user craft malicious metadata to cause a denial of service, preventing other users from logging in. The documented remediation is to upgrade to version 0.3.3 or above. The connect...

5.5CVSS5.5AI score0.00107EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVEadded 2022/02/25 11:0 a.m.50 views

CVE-2022-25327

The PAM module for fscrypt doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. A local user can cause a denial of service by creating a fscrypt metadata file that prevents other users from logging into the...

5.5CVSS5.3AI score0.00107EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2022/02/25 11:0 a.m.4 views

CVE-2022-25326 Denial of Service in fscrypt

fscrypt through v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust filesystem space. We recommend upgrading to fscrypt 0.3.3 or above and adjusting the permissions on existing fscrypt metadata directories where applicable...

5.5CVSS5.3AI score0.00126EPSS
Exploits0References1
CVE
CVEadded 2022/02/25 11:0 a.m.82 views

CVE-2022-25326

CVE-2022-25326 relates to the fscrypt project up to version 0.3.2, where during filesystem setup a world-writable directory is created by default. This behavior allows unprivileged local users to exhaust filesystem space. The public records consistently recommend upgrading to fscrypt 0.3.3 or new...

5.5CVSS5.5AI score0.00126EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2022/02/25 11:0 a.m.21 views

CVE-2022-25326 Denial of Service in fscrypt

fscrypt through v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust filesystem space. We recommend upgrading to fscrypt 0.3.3 or above and adjusting the permissions on existing fscrypt metadata directories where applicable...

5.5CVSS5.7AI score0.00126EPSS
Exploits0References1
Debian CVE
Debian CVEadded 2022/02/25 11:0 a.m.53 views

CVE-2022-25326

fscrypt through v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust filesystem space. We recommend upgrading to fscrypt 0.3.3 or above and adjusting the permissions on existing fscrypt metadata directories where applicable...

5.5CVSS5.3AI score0.00126EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2022/02/25 12:0 a.m.2 views

PT-2022-17215 · Fscrypt +1 · Fscrypt +1

Name of the Vulnerable Software and Affected Versions: fscrypt versions prior to 0.3.3 Description: The PAM module for fscrypt does not adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. A local user can cause a...

7.3CVSS5.7AI score0.00195EPSS
Exploits0References28
Rows per page
Query Builder