Lucene search
K

4 matches found

OSV
OSV
added 2021/04/14 8:4 p.m.40 views

GO-2021-0087 Race condition in github.com/opencontainers/runc

A race while mounting volumes allows a possible symlink-exchange attack, allowing a user whom can start multiple containers with custom volume mount configurations to escape the container...

7CVSS7.1AI score0.00457EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2021/03/22 9:28 a.m.31 views

CVE-2021-22191

There's a flaw in Wireshark. An attacker who sends malicious links with schemes other than http/https over the wire or via a pcapng file, and who is able to get a victim user of Wireshark's user interface to click these links, could perform actions such as mounting volumes, or in some cases...

8.8CVSS0.8AI score0.03639EPSS
Exploits0References4
OSV
OSV
added 2021/03/15 8:13 p.m.6 views

USN-4770-1 glusterfs vulnerabilities

It was discovered that GlusterFS incorrectly handled network requests. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM. CVE-2014-3619 It was discovered that GlusterFS incorrectly handled user permissions. An authenticated attacker...

8.8CVSS7AI score0.05374EPSS
Exploits1References23
Positive Technologies
Positive Technologies
added 2018/04/18 12:0 a.m.8 views

PT-2018-3746 · Red Hat +3 · Gluster +3

Name of the Vulnerable Software and Affected Versions: gluster versions 3.x Description: The issue is related to a privilege escalation flaw in the gluster snapshot scheduler, which can be exploited by scheduling a malicious cronjob via symlink. This flaw allows an attacker to escalate privileges...

8.8CVSS6.7AI score0.05374EPSS
Exploits1References119
Rows per page
Query Builder