34 matches found

Cvelist
added 2021/10/04 8:20 p.m., 27 views

CVE-2021-41091 Insufficiently restricted permissions on data directory in Docker Engine

Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where the data directory typically /var/lib/docker contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traver...

CVSS 6.3, AI score 7.1, EPSS 0.02493
Exploits 3, References 5

Debian CVE
added 2021/10/04 8:20 p.m., 86 views

CVE-2021-41091

Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where the data directory typically /var/lib/docker contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traver...

CVSS 6.3, AI score 5.9, EPSS 0.02493
Exploits 3

Github Security Blog
added 2021/10/04 8:14 p.m., 52 views

Insufficiently restricted permissions on plugin directories

Impact A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission...

CVSS 7.8, AI score 2.7, EPSS 0.00482
Exploits 0, References 13, Affected Software 1

OSV
added 2021/10/04 5:15 p.m., 51 views

CVE-2021-41103

containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory...

CVSS 7.8, AI score 7.6
Exploits 0, References 7

NVD
added 2021/10/04 5:15 p.m., 20 views

CVE-2021-41103

containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory...

CVSS 7.8, EPSS 0.00482
Exploits 0, References 7

Cvelist
added 2021/10/04 12:0 a.m., 26 views

CVE-2021-41103 Insufficiently restricted permissions on plugin directories

containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory...

CVSS 5.9, AI score 8, EPSS 0.00482
Exploits 0, References 7

Debian CVE
added 2021/10/04 12:0 a.m., 46 views

CVE-2021-41103

containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory...

CVSS 7.8, AI score 6.5, EPSS 0.00482
Exploits 0

Tenable Nessus
added 2021/10/04 12:0 a.m., 27 views

Amazon Linux AMI : containerd (ALAS-2021-1540)

The version of containerd installed on the remote host is prior to 1.4.6-3.9. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1540 advisory. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions,...

CVSS 7.8, AI score 6.5, EPSS 0.00482
Exploits 0, References 3

Prion
added 2020/05/13 7:15 p.m., 14 views

Authorization

An improper authorization vulnerability in PAN-OS that mistakenly uses the permissions of local linux users instead of the intended SAML permissions of the account when the username is shared for the purposes of SSO authentication. This can result in authentication bypass and unintended resource...

CVSS 6.5, AI score 8.8, EPSS 0.00892
Exploits 0, References 1, Affected Software 1

Palo Alto Networks
added 2020/05/13 4:0 p.m., 57 views

PAN-OS: Improper SAML SSO authorization of shared local users

An improper authorization vulnerability in PAN-OS that mistakenly uses the permissions of local linux users instead of the intended SAML permissions of the account when the username is shared for the purposes of SSO authentication. This can result in authentication bypass and unintended resource...

CVSS 8.8, AI score 3.2, EPSS 0.00892
Exploits 0, References 1

OSV
added 2017/07/31 3:29 a.m., 2 views

CVE-2017-9483

The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST devices allows Network Processor NP Linux users to obtain root access to the Application Processor AP Linux system via shell metacharacters in commands...

CVSS 9.8, AI score 5.8
Exploits 0, References 1

Hewlett-Packard
added 2015/09/25 12:0 a.m., 32 views

HPSBHF03513 rev.2 - HP PCs and Workstations running Windows and Linux with NVIDIA Graphics Driver, Local Denial of Service (DoS), Elevation of Privilege

Potential Security Impact Denial of Service DoS, elevation of privilege VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with certain HP PCs and workstations with Windows and Linux running the NVIDIA Graphics Driver. The vulnerabilities could be locally exploited...

CVSS 6.6, AI score 4.2, EPSS 0.00364
Exploits 0

Tenable Nessus
added 2013/04/09 12:0 a.m., 43 views

SuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 7599)

Mozilla Firefox has been updated to the 17.0.5ESR release fixing bugs and security issues. Also Mozilla NSS has been updated to version 3.14.3 and Mozilla NSPR to 4.9.6. - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other...

CVSS 10, AI score 9.1, EPSS 0.07805
Exploits 1, References 36

RedHat Linux
added 2009/05/26 5:26 p.m., 33 views

Important: Red Hat Security Advisory: squirrelmail security update

An updated squirrelmail package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP. A...

CVSS 6.8, AI score 7.3, EPSS 0.03399
Exploits 1, References 7