8 matches found
Chrome OS /sbin/crash_reporter Symlink Traversal
Chrome OS: symlink traversal issue in /sbin/crash_reporter. Tested on: Version 69.0.3473.0 Official Build dev 64-bit. CreateDirectoryWithSettings in https://chromium.googlesource.com/chromiumos/platform2/+/master/crash-reporter/crashcollector.cc107 is executed by /sbin/crash_reporter every time a...
AppArmor Filesystem Blacklisting Bypass
AppArmor: filesystem blacklisting can be bypassed by moving parents Some AppArmor policies attempt to blacklist access to specific directories while broadly granting write access to everything else. For example, the Firefox profile uses the user-files abstraction, which broadly permits write acce...
Wayland wl_connection_demarshal() Out-Of-Bounds Memory Access
Wayland: out-of-bounds memory access in wl_connection_demarshal() on 32-bit systems. In wl_connection_demarshal(), incoming strings are parsed as follows: // audit note: length is a u32 // audit note: p points to raw incoming u32 length = *p++; if (length == 0) { closure->args[i].s = NULL; break; } // audit note:...
cgit cgit_clone_objects() Directory Traversal
cgit: directory traversal in cgit_clone_objects() (CVE-2018-14912). There is a directory traversal vulnerability in cgit_clone_objects(), reachable when the configuration flag enable-http-clone is set to 1 (default): void cgit_clone_objects(void) { if (!ctx.qry.path) { cgit_print_error_page(400, "Bad request", "Bad request...
macOS process_policy Stack Leak
macOS: process_policy stack leak through uninitialized field (CVE-2017-7154). The syscall process_policy(scope=PROC_POLICY_SCOPE_PROCESS, action=PROC_POLICY_ACTION_GET, policy=PROC_POLICY_RESOURCE_USAGE, policy_subtype=PROC_POLICY_RUSAGE_CPU, attrp=, target_pid=0, target_threadid=) causes 4 bytes of uninitialized kerne...
Tor Linux Sandbox Breakout Via X11
Tor: Linux sandbox breakout via X11 From inside the Linux sandbox described in https://blog.torproject.org/blog/tor-browser-70-released, it is still possible to talk to the X server without any restrictions. This means that a compromised browser can e.g. use the XTEST X protocol extension at...
VMWare Workstation On Linux Privilege Escalation
This vulnerability permits an unprivileged user on a Linux machine on which VMWare Workstation is installed to gain root privileges. The issue is that, for VMs with audio, the privileged VM host process loads libasound, which parses ALSA configuration files, including one at ~/.asoundrc. libasound...
OpenSSH On Cygwin SFTP Client Directory Traversal Vulnerability
Portable OpenSSH supports running on Cygwin. However, the SFTP client only filters out forward slashes in do_lsreaddir() and the directory names "." and ".." in download_dir_internal(). On Windows, including in Cygwin, backslashes can also be used for directory traversal. OpenSSH on Cygwin: directory...