Lucene search
+L

325 matches found

CNNVD
CNNVD
added 2024/05/17 12:0 a.m.6 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a memory leak in the drm/lima module...

5.5CVSS6.3AI score0.0021EPSS
Exploits0References10
Packet Storm
Packet Storm
added 2023/06/15 12:0 a.m.463 views

PyLoad 0.5.0 Remote Code Execution

Exploit Title: PyLoad 0.5.0 - Pre-auth Remote Code Execution RCE Date: 06-10-2023 Credits: bAu @bauh0lz Exploit Author: Gabriel Lima 0xGabe Vendor Homepage: https://pyload.net/ Software Link: https://github.com/pyload/pyload Version: 0.5.0 Tested on: Ubuntu 20.04.6 CVE: CVE-2023-0297 import...

9.8CVSS7.1AI score0.95845EPSS
Exploits13
Veracode
Veracode
added 2023/06/09 11:58 a.m.15 views

File System Sandbox Breakout

github.com/lima-vm/lima is vulnerable to a File System Sandbox Breakout. The vulnerability exists due to differential disk images used as the base image, which allows an attacker to aread files off the host machine...

2.7CVSS6.8AI score0.00268EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2023/05/31 11:38 p.m.54 views

In Lima, a malicious disk image could read a single file on the host filesystem as a qcow2/vmdk backing file

Note The official templates of Lima, and the well-known third party products Colima, Rancher Desktop, and Finch are unlikely to be affected by this issue. Impact A virtual machine instance with a malicious disk image could read a single file on the host filesystem, even when no filesystem is...

2.7CVSS6.6AI score0.00268EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2023/05/31 11:38 p.m.18 views

GHSA-F7QW-JJ9C-RPQ9 In Lima, a malicious disk image could read a single file on the host filesystem as a qcow2/vmdk backing file

Note The official templates of Lima, and the well-known third party products Colima, Rancher Desktop, and Finch are unlikely to be affected by this issue. Impact A virtual machine instance with a malicious disk image could read a single file on the host filesystem, even when no filesystem is...

2.7CVSS3.2AI score0.00268EPSS
Exploits0References5
NVD
NVD
added 2023/05/30 6:15 p.m.28 views

CVE-2023-32684

Lima launches Linux virtual machines, typically on macOS, for running containerd. Prior to version 0.16.0, a virtual machine instance with a malicious disk image could read a single file on the host filesystem, even when no filesystem is mounted from the host. The official templates of Lima and t...

2.7CVSS3.4AI score0.00268EPSS
Exploits0References3
Prion
Prion
added 2023/05/30 6:15 p.m.18 views

Path traversal

Lima launches Linux virtual machines, typically on macOS, for running containerd. Prior to version 0.16.0, a virtual machine instance with a malicious disk image could read a single file on the host filesystem, even when no filesystem is mounted from the host. The official templates of Lima and t...

1.2CVSS3.6AI score0.00268EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/05/30 5:19 p.m.31 views

CVE-2023-32684 In Lima, a malicious disk image could read a single file on the host filesystem as a qcow2/vmdk backing file

Lima launches Linux virtual machines, typically on macOS, for running containerd. Prior to version 0.16.0, a virtual machine instance with a malicious disk image could read a single file on the host filesystem, even when no filesystem is mounted from the host. The official templates of Lima and t...

2.7CVSS3.8AI score0.00268EPSS
Exploits0References3
CVE
CVE
added 2023/05/30 5:19 p.m.72 views

CVE-2023-32684

Lima (Linux VMs on macOS) prior to v0.16.0 allowed a malicious disk image to read a single host file via a qcow2/vmdk backing file path embedded in the image. It relies on the backing file path string from the instance directory, but Lima does not run as root, limiting full-disk access. The issue...

2.7CVSS3.2AI score0.00268EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/30 5:19 p.m.8 views

CVE-2023-32684 In Lima, a malicious disk image could read a single file on the host filesystem as a qcow2/vmdk backing file

Lima launches Linux virtual machines, typically on macOS, for running containerd. Prior to version 0.16.0, a virtual machine instance with a malicious disk image could read a single file on the host filesystem, even when no filesystem is mounted from the host. The official templates of Lima and t...

2.7CVSS3.5AI score0.00268EPSS
Exploits0References3
OSV
OSV
added 2023/05/30 5:19 p.m.22 views

CVE-2023-32684 In Lima, a malicious disk image could read a single file on the host filesystem as a qcow2/vmdk backing file

Lima launches Linux virtual machines, typically on macOS, for running containerd. Prior to version 0.16.0, a virtual machine instance with a malicious disk image could read a single file on the host filesystem, even when no filesystem is mounted from the host. The official templates of Lima and t...

2.7CVSS4.1AI score0.00268EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/05/30 12:0 a.m.7 views

PT-2023-23959 · Lima · Lima

Name of the Vulnerable Software and Affected Versions: Lima versions prior to 0.16.0 Description: A virtual machine instance with a malicious disk image could read a single file on the host filesystem, even when no filesystem is mounted from the host. The attacker has to embed the target file pat...

2.7CVSS6.7AI score0.00268EPSS
Exploits0References9
CNNVD
CNNVD
added 2023/05/30 12:0 a.m.6 views

Lima 安全漏洞

github lima is a software application. Linux virtual machine, on macOS aka "Linux-on-Mac", "macOS subsystem for Linux", "Mac containerd", unofficial. Mac containerd", unofficially A security vulnerability exists in versions prior to Lima 0.16.0 that stems from a virtual machine instance with a...

2.7CVSS4.9AI score0.00268EPSS
Exploits0References4
Openbugbounty
Openbugbounty
added 2023/05/04 3:55 p.m.15 views

camarasantarosadelima.sc.gov.br Cross Site Scripting vulnerability OBB-3293760

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6AI score
Exploits0
Openbugbounty
Openbugbounty
added 2021/08/20 9:27 a.m.16 views

skymater133.lima-city.de Cross Site Scripting vulnerability OBB-2120220

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
Openbugbounty
Openbugbounty
added 2018/12/15 9:43 p.m.14 views

lima-airport.com XSS vulnerability

Open Bug Bounty ID: OBB-711458 Description| Value ---|--- Affected Website:| lima-airport.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden...

0.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/11/13 3:45 a.m.8 views

benziger.lima-city.de XSS vulnerability

Open Bug Bounty ID: OBB-697787 Description| Value ---|--- Affected Website:| benziger.lima-city.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...

Exploits0
Openbugbounty
Openbugbounty
added 2018/05/23 3:17 a.m.9 views

lima-airport.com XSS vulnerability

Open Bug Bounty ID: OBB-620626 Description| Value ---|--- Affected Website:| lima-airport.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
securityvulns
securityvulns
added 2011/08/05 12:0 a.m.61 views

Community Server - Stored Cross-Site Scripting in User's Signature

Community Server - Stored Cross-site Scripting in user's signature. - Product description: Community Server is a communities and collaboration web application developed by Telligent. It uses ASP.NET platform C and Microsoft SQL Server database. From it's 5.0 version, the software was renamed to...

Exploits0
Packet Storm
Packet Storm
added 2011/08/04 12:0 a.m.23 views

Telligent Community Server 5.x Cross Site Scripting

Editor's note: 4 Advisories are grouped together here. ======================================================================= Community Server - Stored Cross-site Scripting in user's signature. - Product description: Community Server is a communities and collaboration web application developed b...

7.4AI score
Exploits0
Rows per page
Query Builder