Lucene search

6348 matches found

CVE
added 2021/07/19 11:55 p.m. · 81 views

CVE-2021-32773

CVE-2021-32773 affects the Racket sandbox prior to version 8.2. In those versions, code evaluated in the sandbox could cause system modules to erroneously use attacker-created modules instead of their intended dependencies, allowing attackers to control system functions and access restricted faci...

7.5 CVSS · 6.8 AI score · 0.00869 EPSS
Exploits 0 · References 2 · Affected Software 1
Debian CVE
added 2021/07/19 11:55 p.m. · 17 views

CVE-2021-32773

Racket is a general-purpose programming language and an ecosystem for language-oriented programming. In versions prior to 8.2, code evaluated using the Racket sandbox could cause system modules to incorrectly use attacker-created modules instead of their intended dependencies. This could allow...

7.5 CVSS · 7.6 AI score · 0.00869 EPSS
Exploits 0
OSV
added 2021/07/19 9:15 p.m. · 26 views

CVE-2021-32760

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access t...

6.3 CVSS · 6.6 AI score
Exploits 0 · References 5
NVD
added 2021/07/19 9:15 p.m. · 20 views

CVE-2021-32760

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access t...

6.8 CVSS · 0.01608 EPSS
Exploits 2 · References 5
OSV
added 2021/07/19 9:15 p.m. · 0 views

DEBIAN-CVE-2021-32760

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access t...

6.3 CVSS · 6 AI score · 0.01608 EPSS
Exploits 2 · References 1
OSV
added 2021/07/19 7:0 p.m. · 2 views

UBUNTU-CVE-2021-32760

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access t...

6.3 CVSS · 6.3 AI score · 0.01608 EPSS
Exploits 2 · References 5
UbuntuCve
added 2021/07/19 12:0 p.m. · 32 views

CVE-2021-32760

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access t...

6.8 CVSS · 6.2 AI score · 0.01608 EPSS
Exploits 2 · References 4
CNNVD
added 2021/07/19 12:0 a.m. · 3 views

Racket Security Vulnerability

Racket is an open source general-purpose programming language and an ecosystem for language-oriented programming. An access control error vulnerability exists in Racket versions prior to 8.2, which stems from the fact that code evaluated using the Racket sandbox may cause system modules to...

7.5 CVSS · 5.7 AI score · 0.00869 EPSS
Exploits 0 · References 3
Positive Technologies
added 2021/07/19 12:0 a.m. · 10 views

PT-2021-3856 · Unknown +6 · Kubernetes Containerd +5

Name of the Vulnerable Software and Affected Versions: containerd versions prior to 1.4.8 and 1.5.4 Description: The issue is related to a bug in containerd that allows pulling and extracting a specially-crafted container image to result in Unix file permission changes for existing files in the...

9.3 CVSS · 6.2 AI score · 0.9857 EPSS
Exploits 43 · References 127
AlpineLinux
added 2021/07/19 12:0 a.m. · 53 views

CVE-2021-32760

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access t...

6.8 CVSS · 6.2 AI score · 0.01608 EPSS
Exploits 2
OSV
added 2021/07/16 9:15 p.m. · 5 views

CVE-2021-3453

Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage...

4.6 CVSS · 5.8 AI score · 0.00236 EPSS
Exploits 0 · References 1
IBM Security Bulletins
added 2021/07/16 4:51 p.m. · 19 views

Security Bulletin: IBM Security SOAR could allow a privileged user to import non-approved Python2 modules (CVE-2021-29780).

Summary It was possible for a privileged user to import non-approved Python2 modules to create a malicious script. Vulnerability Details CVEID: CVE-2021-29780 DESCRIPTION: IBM Resilient OnPrem could allow an authenticated user to perform actions that they should not have access to due to improper...

6.5 CVSS · 1.3 AI score · 0.00672 EPSS
Exploits 0
Microsoft CVE
added 2021/07/16 7:0 a.m. · 5 views

kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.

...

7.8 CVSS · 6.4 AI score · 0.00246 EPSS
Exploits 0
Gitee
added 2021/07/15 12:2 p.m. · 4 views

vulhub

This repository is an offensive tool for vulnerability research and exploitation, specifically targeting various web applications and services. It contains a collection of exploits and tools for identifying and exploiting vulnerabilities in software and systems. The primary vulnerability targeted...

7.1 AI score
Exploits 0
CNNVD
added 2021/07/13 12:0 a.m. · 5 views

Security Vulnerability in Multiple Lenovo Devices

Lenovo Desktops and Lenovo ThinkPad are both products of the Chinese company Lenovo. Lenovo Desktops are desktop computers and Lenovo ThinkPad is a portable computer...

6.8 CVSS · 5.1 AI score · 0.00236 EPSS
Exploits 0 · References 1
Gitee
added 2021/07/08 3:17 p.m. · 4 views

isf

This is an Industrial Exploitation Framework ISF repository, a Python-based framework for exploitation and testing of industrial control systems ICS. The framework is similar to Metasploit and is designed to be used for penetration testing and vulnerability assessment of ICS devices. The reposito...

6.9 AI score
Exploits 0
Kitploit
added 2021/07/07 9:30 p.m. · 32 views

FindObjects-BOF - A Cobalt Strike Beacon Object File (BOF) Project Which Uses Direct System Calls To Enumerate Processes For Specific Loaded Modules Or Process Handles

A Cobalt Strike Beacon Object File BOF project which uses direct system calls to enumerate processes for specific modules or process handles. What is this repository for? Use direct systems calls within Beacon Object files to enumerate processes for specific loaded modules e.g. winhttp.dll,...

7.3 AI score
Exploits 0 · References 3
Imperva Blog
added 2021/07/07 6:12 p.m. · 88 views

Oracle Auditing Part 3: Unified Auditing

This is the third, and last, article on the topic of Oracle auditing. It is relevant to Oracle 12c only. With Unified Auditing, Oracle simplified the task of auditing activities in a modern database environment, and rather than having to learn multiple methods, patterns, and techniques for both...

6.9 AI score
Exploits 0
OSV
added 2021/07/07 1:15 a.m. · 1 views

DEBIAN-CVE-2021-35039

kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument...

7.8 CVSS · 6.2 AI score · 0.00246 EPSS
Exploits 0 · References 1
OSV
added 2021/07/07 1:15 a.m. · 0 views

UBUNTU-CVE-2021-35039

kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument...

7.8 CVSS · 6.7 AI score · 0.00246 EPSS
Exploits 0 · References 3