Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2024/05/15 4:29 p.m.14 views

CVE-2023-7258 Denial-of-Service in Gvisor

A denial of service exists in Gvisor Sandbox where a bug in reference counting code in mount point tracking could lead to a panic, making it possible for an attacker running as root and with permission to mount volumes to kill the sandbox. We recommend upgrading past...

4.8CVSS6.9AI score0.00165EPSS
Exploits0References1
Veracode
Veracode
added 2019/05/16 3:19 a.m.28 views

Privilege Escalation

Gluster file system is vulnerable to privilege escalation. Remote authenticated attackers with access to mount volumes could elevate their privileges via creating arbitrary, empty files on the target server by manipulating FXATTROPENTRYINKEY argument...

6.5CVSS7.3AI score0.0263EPSS
Exploits0References11Affected Software5
NVD
NVD
added 2018/10/31 7:29 p.m.19 views

CVE-2018-14654

The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator. A remote attacker with access to mount volumes could exploit this via the 'GFXATTROPENTRYINKEY' xattrop to create arbitrary, empty files on the target server...

8.5CVSS6.8AI score0.0263EPSS
Exploits0References6
OSV
OSV
added 2018/10/31 7:29 p.m.22 views

CVE-2018-14654

The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator. A remote attacker with access to mount volumes could exploit this via the 'GFXATTROPENTRYINKEY' xattrop to create arbitrary, empty files on the target server...

6.5CVSS6.6AI score0.0263EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2018/10/31 7:0 p.m.31 views

CVE-2018-14654

The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator. A remote attacker with access to mount volumes could exploit this via the 'GFXATTROPENTRYINKEY' xattrop to create arbitrary, empty files on the target server...

8.5CVSS7AI score0.0263EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2018/04/30 12:51 p.m.6 views

glusterfs: auth.allow allows unauthenticated clients to mount gluster volumes (CVE-2018-1088 regression)

It was found that fix for CVE-2018-1088 introduced a new vulnerability in the way 'auth.allow' is implemented in glusterfs server. An unauthenticated gluster client could mount gluster storage volumes...

8.8CVSS7.3AI score0.02384EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2018/04/30 12:48 p.m.4 views

glusterfs: auth.allow allows unauthenticated clients to mount gluster volumes (CVE-2018-1088 regression)

It was found that fix for CVE-2018-1088 introduced a new vulnerability in the way 'auth.allow' is implemented in glusterfs server. An unauthenticated gluster client could mount gluster storage volumes...

8.8CVSS7.3AI score0.02384EPSS
Exploits1References5
Rows per page
Query Builder