Lucene search
K

5 matches found

Packet Storm
Packet Storm
added 2026/04/21 12:0 a.m.161 views

📄 Below Symlink Privilege Escalation

This Python script demonstrates a potential privilege escalation technique related to CVE-2025-27591, leveraging symbolic link symlink manipulation in a logging directory used by the below utility. Versions prior to 0.9.0 are affected...

6.8CVSS7AI score0.0036EPSS
Exploits22
NVD
NVD
added 2026/03/13 7:53 p.m.5 views

CVE-2025-8766

A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container,...

6.4CVSS0.00163EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/04/01 12:0 a.m.7 views

The vulnerability of the CRI-O Container Engine’s application programming interface allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the CRI-O Container Engine’s application programming interface, a software platform for managing clusters of virtual machines in Kubernetes, stems from the ability to add arbitrary strings to the /etc/passwd file using a specially created environment variable. Exploiting this...

7.8CVSS7AI score0.00266EPSS
Exploits0References4Affected Software2
SUSE CVE
SUSE CVE
added 2023/02/15 5:19 a.m.4 views

SUSE CVE-2015-3246

libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE: this issue can be combined wi...

7.2CVSS8.9AI score0.06853EPSS
Exploits10References4
Positive Technologies
Positive Technologies
added 2021/03/24 12:0 a.m.7 views

PT-2021-9022 · Red Hat · Operator-Framework/Presto

Name of the Vulnerable Software and Affected Versions: operator-framework/presto as shipped in Red Hat Openshift 4 affected versions not specified Description: The issue is related to an insecure modification vulnerability in the /etc/passwd file. An attacker with access to the container could...

7CVSS6.6AI score0.00255EPSS
Exploits0References6
Rows per page
Query Builder