102 matches found
Prototype Pollution in vm2
This affects the package vm2 before 3.9.4. Prototype Pollution attack vector can lead to sandbox escape and execution of arbitrary code on the host machine...
CVE-2021-23449
This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitrary code on the host machine...
Remote code execution
Microsoft discovered a remote code execution RCE vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U...
CVE-2020-24264
Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution. The restriction checks for bind mounts are applied only on the client-side and not the server-side, which can lead to spawning a container with bind mount. Once such a container ...
CVE-2020-24264
Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution. The restriction checks for bind mounts are applied only on the client-side and not the server-side, which can lead to spawning a container with bind mount. Once such a container ...
CVE-2020-24264
Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution. The restriction checks for bind mounts are applied only on the client-side and not the server-side, which can lead to spawning a container with bind mount. Once such a container ...
CVE-2020-9480
In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication spark.authenticate via a shared secret. When enabled, however, a specially-crafted RPC to the master can succeed in starting an application's resources on the Spark cluster, even...
CVE-2020-7710
This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine...
Command injection
This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine...
CVE-2020-7710 Sandbox Escape
This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine...
Directory Traversal
ceph is vulnerable to directory traversal. An unauthenticated attacker is able to exploit the vulnerability to cause information disclosure on the host machine running the Ceph dashboard...
Docker Privileged Container Escape
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework POC modified from https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/ class MetasploitModule 'Docker Privileged Container Escape',...
Path traversal
A path traversal via the iniFile parameter in excel.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to download arbitrary files from the host machine...
CVE-2019-18864
/server-info and /server-status in Blaauw Remote Kiln Control through v3.00r4 allow an unauthenticated attacker to gain sensitive information about the host machine...
The vulnerability of the TriStation 1131 security logic analysis software lies in the presence of a pre-installed account, which allows a perpetrator to gain unauthorized access to the TriStation host machine.
The vulnerability of the TriStation 1131 security logic analysis software is related to the presence of a pre-installed account. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to the TriStation host machine...
CVE-2020-1699
A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has been fixed in versions 14.2.7 and 15.1.0. An unauthenticated attacker could use this flaw to cause information disclosure on the host machine running the Ceph...
CVE-2020-7485
VERSION NOT SUPPORTED WHEN ASSIGNED A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1...
RCE in LibreOffice and OpenOffice via the Apache UNO API
LibreOffice and OpenOffice are vulnerable to RCE via the Apache UNO API if either program is running as a listener on the host machine. Recent assessments: space-r7 at September 12, 2019 6:07pm UTC reported: Details The soffice binary allows passing arguments in order to listen on a host ip and...
CVE-2020-1699
A path traversal flaw was found in the Ceph dashboard implemented in Ceph storage. An unauthenticated attacker could use this flaw to cause information disclosure on the host machine running the Ceph dashboard...
hw: Machine Check Error on Page Size Change (IFU)
A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU's local cache and system software's Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host processor,...