Lucene search
K

9 matches found

Positive Technologies
Positive Technologies
added 2025/09/19 12:0 a.m.6 views

PT-2025-38611

Name of the Vulnerable Software and Affected Versions Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA and SaaS deployments affected versions not specified Description The Vasion Print Virtual Appliance Host and Application has overly-permissive filesystem permissions...

9.3CVSS6.8AI score0.00475EPSS
Exploits1References10
Amazon
Amazon
added 2024/12/19 12:0 a.m.15 views

Medium: apr

Issue Overview: Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. This issue does not affect non-Unix platforms, or builds with APRUSESHMEMSHMGET=1 apr...

5.5CVSS5.7AI score0.00332EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/11/01 7:0 a.m.4 views

Apache Portable Runtime (APR): Unexpected lax shared memory permissions

...

5.5CVSS7AI score0.00332EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/09/04 12:0 a.m.21 views

Fedora 40 : apr (2024-b40491b84b)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-b40491b84b advisory. This update to the apr package fixes a security issue in the handling of shared memory permissions. SECURITY: CVE-2023-49582: Apache Portable Runtime APR:...

5.5CVSS6.4AI score0.00332EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2023/04/12 8:40 p.m.26 views

OpenFeature Operator vulnerable to Cluster-level Privilege Escalation

Impact On a node controlled by an attacker or malicious user, the lax permissions configured on open-feature-operator-controller-manager can be used to further escalate the privileges of any service account in the cluster. The increased privileges could be used to modify cluster state, leading to...

8.8CVSS8.2AI score0.00659EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/12 12:0 a.m.4 views

PT-2023-22090 · Unknown · Openfeature Operator

Name of the Vulnerable Software and Affected Versions: OpenFeature Operator versions prior to 0.2.32 Description: The issue allows an attacker to escalate the privileges of any service account in the cluster, assuming the pre-existence of a vulnerability that enables arbitrary code execution. Thi...

8.8CVSS8AI score0.00659EPSS
Exploits0References9
OSV
OSV
added 2018/06/17 8:29 p.m.2 views

DEBIAN-CVE-2018-12029

A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passengerinstanceregistrydir with insufficiently strict permissions is configured. Replacing a file with a symlink after the file was created, but befor...

7CVSS6.7AI score0.00276EPSS
Exploits0References1
CNVD
CNVD
added 2015/11/04 12:0 a.m.3 views

Design Vulnerability in Baidu Moplus SDK (WormHole Vulnerability)

The Moplus SDK is a public development kit developed in-house by Baidu, which is integrated into numerous Android applications. The "WormHole" vulnerability exists in Baidu's Moplus SDK, which is mainly used to enhance the expansion of Baidu's search engine in smart terminals, and to realize the...

6.7AI score
Exploits0References1
securityvulns
securityvulns
added 2002/05/21 12:0 a.m.35 views

Security Advisory FreeBSD-SA-02:25.bzip2

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:25 Security Advisory The FreeBSD Project Topic: bzip2 contains multiple security vulnerabilities Category: core/ports Module: bzip2 Announced: 2002-05-20 Credits: Volker...

6.9AI score
Exploits0
Rows per page
Query Builder