Lucene search
K

9 matches found

OSV
OSV
added 2020/09/15 7:15 p.m.9 views

CVE-2020-10759

A PGP signature bypass flaw was found in fwupd all versions, which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service LVFS is either not implemented or enabled in versions ...

6CVSS5.8AI score0.0049EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/09/15 6:37 p.m.30 views

CVE-2020-10759

A PGP signature bypass flaw was found in fwupd all versions, which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service LVFS is either not implemented or enabled in versions ...

5.7AI score0.0049EPSS
Exploits1References2
Saint
Saint
added 2018/05/18 12:0 a.m.600 views

Red Hat DHCP client NetworkManager integration script command injection

Added: 05/18/2018 CVE: CVE-2018-1111 BID: 104195 Background The DHCP client on Red Hat Enterprise Linux includes a script which provides integration with the NetworkManager subsystem. Problem A command injection vulnerability in the NetworkManager integration script could allow arbitrary command...

7.9CVSS7.9AI score0.94457EPSS
Exploits14
Saint
Saint
added 2018/05/18 12:0 a.m.617 views

Red Hat DHCP client NetworkManager integration script command injection

Added: 05/18/2018 CVE: CVE-2018-1111 BID: 104195 Background The DHCP client on Red Hat Enterprise Linux includes a script which provides integration with the NetworkManager subsystem. Problem A command injection vulnerability in the NetworkManager integration script could allow arbitrary command...

7.9CVSS7.9AI score0.94457EPSS
Exploits14
Saint
Saint
added 2015/05/29 12:0 a.m.2499 views

ProFTPD mod_copy command execution

Added: 05/29/2015 CVE: CVE-2015-3306 BID: 74238 OSVDB: 120834 Background ProFTPD is free FTP Server software for Unix and Linux platforms. Problem The modcopy extension, if enabled in ProFTPD, allows unauthenticated attackers to read and write arbitrary files using the SITE CPFR and SITE CPTO...

10CVSS9.1AI score0.96803EPSS
Exploits21
Saint
Saint
added 2014/12/03 12:0 a.m.80 views

Linux kernel futex_requeue privilege elevation

Added: 12/03/2014 CVE: CVE-2014-3153 BID: 67906 OSVDB: 107752 Background The futex system call in Linux provides a mechanism for user-space locking. Problem A vulnerability in the Linux kernel allows an unprivileged user to gain root access using a specially crafted futexrequeue call. Resolution...

7.8CVSS7.2AI score0.37233EPSS
Exploits15
Packet Storm
Packet Storm
added 2014/06/02 12:0 a.m.24 views

Cetil Cross Site Scripting

Post Cross Site Scripting on Cetil - Demonstrativo de Pagamento de Salário + Date: 27/05/2014 + Risk: LOW + CWE number: CWE-79 + Author: Felipe Andrian Peixoto + Vendor Homepage: http://www.cetil.com.br/ + Contact: [email protected] + Tested on: Windows 7 and Linux + Vulnerable File:...

7.4AI score
Exploits0
Saint
Saint
added 2007/06/27 12:0 a.m.45 views

Linux kernel ptrace privilege elevation vulnerability

Added: 06/27/2007 CVE: CVE-2003-0127 BID: 7112 OSVDB: 4565 Background ptrace is a Linux system call which enables a parent process to observe and control another process. Problem Due to a failure by the kernel to restrict trace permissions, a local attacker could gain root privileges by attaching...

7.2CVSS6AI score0.01584EPSS
Exploits5
Saint
Saint
added 2007/06/27 12:0 a.m.26 views

Linux kernel ptrace privilege elevation vulnerability

Added: 06/27/2007 CVE: CVE-2003-0127 BID: 7112 OSVDB: 4565 Background ptrace is a Linux system call which enables a parent process to observe and control another process. Problem Due to a failure by the kernel to restrict trace permissions, a local attacker could gain root privileges by attaching...

7.2CVSS6AI score0.01584EPSS
Exploits5
Rows per page
Query Builder