16996 matches found

UbuntuCve
added 2019/07/29 6:15 p.m., 43 views

CVE-2019-14271

In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...

CVSS: 9.8, AI score: 7.2, EPSS: 0.18828
Exploits: 3, References: 3

CVE
added 2019/07/29 5:5 p.m., 210 views

CVE-2019-14271

CVE-2019-14271 affects Docker 19.03.x (before 19.03.1) where, when glibc is linked, code injection can occur as the nsswitch facility dynamically loads a library inside a chroot containing the container contents. This is a container-escape risk with network-attack vector observed in the descripti...

CVSS: 9.8, AI score: 9.3, EPSS: 0.18828
Exploits: 3, References: 6, Affected Software: 1

Debian CVE
added 2019/07/29 5:5 p.m., 37 views

CVE-2019-14271

In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...

CVSS: 9.8, AI score: 7.8, EPSS: 0.18828
Exploits: 3

AlpineLinux
added 2019/07/29 5:5 p.m., 63 views

CVE-2019-14271

In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...

CVSS: 9.8, AI score: 9.6, EPSS: 0.18828
Exploits: 3

CNVD
added 2019/07/29 12:0 a.m., 1 views

GNU patch arbitrary file upload vulnerability

GNU patch is a set of tools from the GNU Project for generating patch files. GNU patch arbitrary file upload vulnerability. An attacker can exploit this vulnerability by creating symbolic links to overwrite arbitrary files with elevated privileges...

CVSS: 5.9, AI score: 7.1, EPSS: 0.03927
Exploits: 0, References: 1

CNVD
added 2019/07/29 12:0 a.m., 1 views

GNU patch code execution vulnerability

GNU patch is a set of tools from the GNU Project for generating patch files. A security vulnerability exists in GNU patch version 2.7.5-1+deb8u3. An attacker can exploit the vulnerability to execute code...

CVSS: 9.3, AI score: 7.8, EPSS: 0.0453
Exploits: 0, References: 1

OpenVAS
added 2019/07/29 12:0 a.m., 64 views

Fedora Update for dtkcore FEDORA-2019-3d418f349c

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS: 7, AI score: 5.6, EPSS: 0.00443
Exploits: 0, References: 2

Tenable Nessus
added 2019/07/29 12:0 a.m., 28 views

Debian DSA-4489-1 : patch - security update

Imre Rad discovered several vulnerabilities in GNU patch, leading to shell command injection or escape from the working directory and access and overwrite files, if specially crafted patch files are processed. This update includes a bugfix for a regression introduced by the patch to address...

CVSS: 9.3, AI score: 6.9, EPSS: 0.0556
Exploits: 0, References: 9

Debian
added 2019/07/27 5:46 p.m., 260 views

[SECURITY] [DSA 4489-1] patch security update

Debian Security Advisory DSA-4489-1 https://www.debian.org/security/ Salvatore Bonaccorso July 27, 2019 https://www.debian.org/security/faq -...

CVSS: 9.3, AI score: 8.4, EPSS: 0.0556
Exploits: 0

NVD
added 2019/07/26 1:15 p.m., 18 views

CVE-2019-13638

GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156...

CVSS: 9.3, AI score: 7.6, EPSS: 0.0453
Exploits: 0, References: 15

OSV
added 2019/07/26 1:15 p.m., 5 views

AZL-35106 CVE-2019-13638 affecting package patch for versions less than 2.7.6-9

GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156...

CVSS: 7.8, AI score: 7.1, EPSS: 0.0453
Exploits: 0, References: 1

OSV
added 2019/07/26 1:15 p.m., 1 views

ALPINE-CVE-2019-13638

GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156...

CVSS: 7.8, AI score: 7.5, EPSS: 0.0453
Exploits: 0, References: 1

OSV
added 2019/07/26 1:15 p.m., 5 views

AZL-6790 CVE-2019-13638 affecting package patch for versions less than 2.7.6-7

GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156...

CVSS: 7.8, AI score: 7.1, EPSS: 0.0453
Exploits: 0, References: 1

OSV
added 2019/07/26 1:15 p.m., 39 views

CVE-2019-13638

GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156...

CVSS: 7.8, AI score: 7.8, EPSS: 0.0453
Exploits: 0, References: 15

Prion
added 2019/07/26 1:15 p.m., 18 views

Command injection

GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156...

CVSS: 9.3, AI score: 7.7, EPSS: 0.0556
Exploits: 0, References: 15, Affected Software: 2

CVE
added 2019/07/26 12:22 p.m., 900 views

CVE-2019-13638

CVE-2019-13638 affects GNU patch up to version 2.7.6. It enables OS shell command injection when processing a crafted patch file containing an ed-style diff payload with shell metacharacters; the ed editor need not be present on the target system. Multiple connected advisories confirm vulnerable ...

CVSS: 9.3, AI score: 7.8, EPSS: 0.0453
Exploits: 0, References: 15, Affected Software: 1

Debian CVE
added 2019/07/26 12:22 p.m., 31 views

CVE-2019-13638

GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156...

CVSS: 9.3, AI score: 8.2, EPSS: 0.0453
Exploits: 0

AlpineLinux
added 2019/07/26 12:22 p.m., 64 views

CVE-2019-13638

GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156...

CVSS: 9.3, AI score: 8.1, EPSS: 0.0453
Exploits: 0

IBM Security Bulletins
added 2019/07/25 3:25 p.m., 42 views

Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-za

Summary AT&T has released versions 1801-za for the Vyatta 5600. Details of these releases can be found at https://cloud.ibm.com/docs/infrastructure/virtual-router-appliance?topic=virtual-router-appliance-at-t-vyatta-5600-vrouter-software-patchesat-t-vyatta-5600-vrouter-software-patches...

CVSS: 9.8, AI score: 1.1, EPSS: 0.98745
Exploits: 46, Affected Software: 1

Tenable Nessus
added 2019/07/25 12:0 a.m., 41 views

EulerOS 2.0 SP8 : binutils (EulerOS-SA-2019-1790)

According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference aka SEGV on unknown address 0x000000000000 was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, a...

CVSS: 7.8, AI score: 6.9, EPSS: 0.05229
Exploits: 2, References: 3