Lucene search
K

43 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-16647

Malware in sbrugna...

7.8CVSS7.7AI score0.01229EPSS
Exploits3References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-7956

Malware in sbrugna...

7.8CVSS7.7AI score0.00984EPSS
Exploits3References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-4151

Malware in sbrugna...

7.8CVSS7.7AI score0.01467EPSS
Exploits3References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-8013

Malware in sbrugna...

7CVSS6.9AI score0.00326EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-3351

Malware in sbrugna...

8.8CVSS8.8AI score0.01109EPSS
Exploits3References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-7417

Malware in sbrugna...

7.8CVSS7.7AI score0.00933EPSS
Exploits3References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19756

Malicious code in bioql PyPI...

5.4CVSS6.3AI score
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-2640

Malicious code in bioql PyPI...

7.8CVSS7.5AI score0.00223EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.5 views

HashiCorp Vagrant Installed (macOS)

Binary data macosvagrantinstalled.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.63 views

HashiCorp Vagrant 2.2.10 < 2.4.7 Code Injection (macOS)

The version of HashiCorp Vagrant installed on the remote host is 2.2.10 prior to 2.4.7. It is, therefore, is affected by a code injection vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 8090...

5.7AI score
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/07/03 11:28 p.m.5 views

SUSE CVE-2025-34075

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Initially assigned to document an issues that allows guest VM to modify the host's Vagrantfile via default synced folder, leading to host-side code execution. Rejected as CVE due to documented, intended behavior that does...

6.6AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/07/02 9:32 p.m.16 views

HashiCorp Vagrant has code injection vulnerability through default synced folders

An authenticated virtual machine escape vulnerability exists in HashiCorp Vagrant versions 2.4.6 and below when using the default synced folder configuration. By design, Vagrant automatically mounts the host system’s project directory into the guest VM under /vagrant or C:\vagrant on Windows. Thi...

7.3AI score
Exploits0References10Affected Software1
OSV
OSV
added 2025/07/02 9:32 p.m.4 views

GHSA-HQP6-MJW3-F586 HashiCorp Vagrant has code injection vulnerability through default synced folders

An authenticated virtual machine escape vulnerability exists in HashiCorp Vagrant versions 2.4.6 and below when using the default synced folder configuration. By design, Vagrant automatically mounts the host system’s project directory into the guest VM under /vagrant or C:\vagrant on Windows. Thi...

5.4CVSS6.7AI score
Exploits0References11
NVD
NVD
added 2025/07/02 8:15 p.m.6 views

CVE-2025-34075

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Initially assigned to document an issues that allows guest VM to modify the host’s Vagrantfile via default synced folder, leading to host-side code execution. Rejected as CVE due to documented, intended...

Exploits0
Vulnrichment
Vulnrichment
added 2025/07/02 7:26 p.m.5 views

CVE-2025-34075

...

6.3AI score
Exploits0
CVE
CVE
added 2025/07/02 7:26 p.m.31 views

CVE-2025-34075

CVE-2025-34075 entry is labeled rejected/withdrawn by the CNA. Connected docs describe a guest-to-host code-execution vector in HashiCorp Vagrant via the default synced-folder Vagrantfile exposure: Vagrant mounts the host project directory (including Vagrantfile) into the guest, and an attacker w...

7.2AI score
Exploits0
Cvelist
Cvelist
added 2025/07/02 7:26 p.m.13 views

CVE-2025-34075

...

Exploits0
RubySec
RubySec
added 2025/07/02 12:0 a.m.11 views

HashiCorp Vagrant has code injection vulnerability through default synced folders

An authenticated virtual machine escape vulnerability exists in HashiCorp Vagrant versions 2.4.6 and below when using the default synced folder configuration. By design, Vagrant automatically mounts the host system’s project directory into the guest VM under /vagrant or C:\vagrant on Windows. Thi...

6.5AI score
Exploits0References1Affected Software1
OSV
OSV
added 2023/10/27 10:15 p.m.17 views

CVE-2023-5834

HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized file system writes. Fixed in Vagrant 2.4.0...

7.8CVSS7.1AI score
Exploits0References1
CNNVD
CNNVD
added 2023/10/27 12:0 a.m.3 views

Vagrant Security Vulnerabilities

Vagrant is a command line utility for managing the lifecycle of virtual machines. Isolates dependencies and their configurations in a single disposable and consistent environment. A security vulnerability exists in HashiCorp Vagrant versions prior to 2.4.0 that stems from the presence of...

7.8CVSS6.8AI score0.00223EPSS
Exploits0References2
Rows per page
Query Builder