Kubernetes 输入验证错误漏洞

Kubernetes is an open source Docker container cluster management system from the American Linux Foundation. The system provides resource scheduling, deployment operations, service discovery, and scale-up and scale-down for containerized applications. kubernetes has a security vulnerability that c...

Vulnerability fixed in Red Hat OpenShift Container Platform

A vulnerability has been fixed in runc, a component of Red Hat OpenShift Container Platform. The vulnerability allows a malicious user under certain circumstances to themselves, through a rogue container image, to gain access to the host's file system. For more information about the vulnerability...

Cisco SD-WAN Software Arbitrary File Corruption Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. ...

Cisco IOS XE SD-WAN Software 安全漏洞

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. An arbitrary file overwrite vulnerability exists in the CLI for SD-WAN for Cisco IOS XE. The vulnerability stems from insufficient validation of parameters for specific CLI...

CVE-2021-3341

A path traversal vulnerability in the DxWebEngine component of DH2i DxEnterprise and DxOdyssey for Windows, version 19.5 through 20.x before 20.0.219.0, allows an attacker to read any file on the host file system via an HTTP request...

Kubernetes SIGs Secrets-store-csi-driver path traversal vulnerability

Kubernetes SIGs Secrets-store-csi-driver is a K8s component for storing confidential files based on CSI volumes from the Kubernetes SIGs organization. A security vulnerability exists in Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16, which can be exploited by an attacker to modi...

CVE-2020-3476 Cisco IOS XE Software Arbitrary File Overwrite Vulnerability

A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. The vulnerability is due to insufficient validation of the parameters of a specific CLI command. A...

CVE-2020-3476 Cisco IOS XE Software Arbitrary File Overwrite Vulnerability

A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. The vulnerability is due to insufficient validation of the parameters of a specific CLI command. A...

CVE-2020-7377 Rapid7 Metasploit Framework Relative Path Traversal in telpho10_credential_dump module

The Metasploit Framework module "auxiliary/admin/http/telpho10credentialdump" module is affected by a relative path traversal vulnerability in the untar method which can be exploited to write arbitrary files to arbitrary locations on the host file system when the module is run on a malicious HTTP...

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2018-1321)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Portainer Access Control Error Vulnerability

Portainer is an open source lightweight management UI that allows you to easily manage docker hosts or clusters. An access control error vulnerability exists in Portainer versions prior to 1.22.1. An attacker can exploit this vulnerability to gain full privileges to the host file system via the...

Docker - Container Escape

On the host docker run --rm -it --cap-add=SYSADMIN --security-opt apparmor=unconfined ubuntu bash In the container mkdir /tmp/cgrp && mount -t cgroup -o rdma cgroup /tmp/cgrp && mkdir /tmp/cgrp/x echo 1 /tmp/cgrp/x/notifyonrelease hostpath=sed -n 's/.\perdir=^,./\1/p' /etc/mtab echo...

runc: Execution of malicious containers allows for container escape and access to host filesystem

A flaw was found in the way runc handled system file descriptors when running containers. A malicious container could use this flaw to overwrite contents of the runc binary and consequently run arbitrary commands on the container host system...

Denial Of Service (DoS)

openstack-nova is vulnerable to denial of service DoS attacks. The vulnerability exists as OpenStack Compute Nova Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption via a...

VMware Tools Out-of-Bounds Read Vulnerability

VMware Tools is a set of enhancements that come with VMware's VMWare virtual machines. It is a set of drivers provided by VMware to enhance the performance of virtual graphics cards and hard drives, as well as to synchronize the clocks of the virtual machines with those of the host computer. An...

DEBIAN-CVE-2017-7471

Quick Emulator Qemu built with the VirtFS, host directory sharing via Plan 9 File System 9pfs support, is vulnerable to an improper access control issue. It could occur while accessing files on a shared host directory. A privileged user inside guest could use this flaw to access host file system...

CVE-2017-7471

Quick Emulator Qemu built with the VirtFS, host directory sharing via Plan 9 File System 9pfs support, is vulnerable to an improper access control issue. It could occur while accessing files on a shared host directory. A privileged user inside guest could use this flaw to access host file system...

Input validation

Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host...

CVE-2016-9602

Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host...

CVE-2016-9602

CVE-2016-9602 is tied to QEMU (qemu-kvm) built with VirtFS where, before version 2.9, a privileged guest user can trigger an improper link following to access the host filesystem outside the shared folder, potentially escalating privileges on the host. The connected EulerOS advisory confirms this...