
2526 matches found

0day.today
added 2017/10/09 12:0 a.m., 28 views

Rancher Server - Docker Daemon Code Execution Exploit

Utilizing Rancher Server, an attacker can create a docker container with the '/' path mounted with read/write permissions on the host server that is running the docker container. As the docker container executes command as uid 0 it is honored by the host operating system allowing the attacker to...

0.3 AI score
Exploits 0
Exploit DB
added 2017/10/09 12:0 a.m., 47 views

Rancher Server - Docker Daemon Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rancher Server - Docker Exploit', 'Description' = %q Utilizing Rancher Server, an attacker can create a docker container with the '/' path mounte...

7.4 AI score
Exploits 0
Packet Storm
added 2017/10/08 12:0 a.m., 36 views

Rancher Server Docker Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rancher Server - Docker Exploit', 'Description' = %q Utilizing Rancher Server, an attacker can create a docker container with the '/' path mounte...

0.2 AI score
Exploits 0
Cvelist
added 2017/09/21 3:0 p.m., 13 views

CVE-2017-9720

In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by-one error in a camera driver, an out-of-bounds read/write can occur...

7.8 AI score, 0.00356 EPSS
Exploits 0, References 2
CVE
added 2017/09/21 3:0 p.m., 49 views

CVE-2017-9720

CVE-2017-9720 affects Qualcomm camera driver in Android CAF Linux kernel builds, where an off-by-one error can trigger an out-of-bounds read/write. The vulnerability is listed under Qualcomm components as an Elevation of Privilege (EoP) risk with the camera driver as the affected component; expli...

7.8 CVSS, 7.7 AI score, 0.00356 EPSS
Exploits 0, References 2, Affected Software 1
RedHat Linux
added 2017/09/06 8:36 p.m., 5 views

kernel: Use after free in SCSI generic device interface

It was found that the blk_rq_map_user_iov function in the Linux kernel's block device implementation did not properly restrict the type of iterator, which could allow a local attacker to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging write...

7.8 CVSS, 6.9 AI score, 0.00437 EPSS
Exploits 0, References 4
Fedora
added 2017/08/31 8:52 p.m., 25 views

[SECURITY] Fedora 25 Update: libsndfile-1.0.28-6.fc25

libsndfile is a C library for reading and writing sound files such as AIFF, AU, WAV, and others through one standard interface. It can currently read/write 8, 16, 24 and 32-bit PCM files as well as 32 and 64-bit floating point WAV files and a number of compressed formats. It compiles and runs on...

9.8 CVSS, 2.3 AI score, 0.03978 EPSS
Exploits 0
Tenable Nessus
added 2017/08/24 12:0 a.m., 37 views

SUSE SLES11 Security Update : freeradius-server (SUSE-SU-2017:2244-1)

This update for freeradius-server fixes the following issues: Security issues fixed : - CVE-2017-10981: DHCP - Fix memory leak in fr_dhcp_decode. bnc1049086 - CVE-2017-10982: Fix buffer over-read in fr_dhcp_decode_options. bsc1049086 - CVE-2017-10983: Fix read overflow when decoding option 63...

9.8 CVSS, 8.2 AI score, 0.22202 EPSS
Exploits 0, References 12
OSV
added 2017/08/18 4:29 p.m., 4 views

UBUNTU-CVE-2015-4082

attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to "unencrypted / without key file"...

6.5 CVSS, 5.8 AI score, 0.02466 EPSS
Exploits 1, References 5
0day.today
added 2017/08/16 12:0 a.m., 20 views

ClipBucket 2.8.3 - Multiple Vulnerabilities

Exploit for php platform in category web applications .:. Exploit Title ClipBucket 2.8.3 - Multiple Vulnerabilities .:. Google Dorks .:. "Forged by ClipBucket" inurl:viewcollection.php?cid= .:. Date: August 15,...

7.1 AI score
Exploits 0
Packet Storm
added 2017/08/15 12:0 a.m., 91 views

ClipBucket 2.8.3 SQL Injection / Arbitrary File Read / Write

.:. Exploit Title ClipBucket 2.8.3 - Multiple Vulnerabilities .:. Google Dorks .:. "Forged by ClipBucket" inurl:viewcollection.php?cid= .:. Date: August 15, 2017 .:. Exploit Author: bRpsd .:. Skype contact: vegno...

0.8 AI score
Exploits 0
Exploit DB
added 2017/08/15 12:0 a.m., 45 views

ClipBucket 2.8.3 - Multiple Vulnerabilities

.:. Exploit Title ClipBucket 2.8.3 - Multiple Vulnerabilities .:. Google Dorks .:. "Forged by ClipBucket" inurl:viewcollection.php?cid= .:. Date: August 15, 2017 .:. Exploit Author: bRpsd .:. Skype contact: vegno...

7.4 AI score
Exploits 0
Tenable Nessus
added 2017/08/10 12:0 a.m., 34 views

Oracle Linux 7 : freeradius (ELSA-2017-2389)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-2389 advisory. - Related: Bug1469414 CVE-2017-10984 freeradius: Out-of-bounds write in data2vp_wimax - Resolves: Bug1469409 CVE-2017-10978 freeradius: Out-of-bounds...

9.8 CVSS, 8.4 AI score, 0.18318 EPSS
Exploits 0, References 7
OSV
added 2017/08/08 3:29 p.m., 4 views

CVE-2017-10238

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

7.3 CVSS, 7.3 AI score
Exploits 0, References 3
OSV
added 2017/08/08 3:29 p.m., 5 views

CVE-2017-10211

Vulnerability in the Hospitality Suite8 component of Oracle Hospitality Applications subcomponent: WebConnect. The supported version that is affected is 8.10.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hospitality Suite8. Successf...

6.1 CVSS, 7.3 AI score, 0.0144 EPSS
Exploits 0, References 3
OSV
added 2017/08/08 3:29 p.m., 3 views

CVE-2017-10106

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Portal. Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

6.1 CVSS, 7.3 AI score, 0.0166 EPSS
Exploits 2, References 4
OSV
added 2017/08/08 3:29 p.m., 2 views

CVE-2017-10082

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite subcomponent: Security. Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM...

6.1 CVSS, 7.3 AI score, 0.0147 EPSS
Exploits 0, References 3
OSV
added 2017/08/08 3:29 p.m., 3 views

CVE-2017-10088

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite subcomponent: Security. Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Agile PLM executes...

3.4 CVSS, 7.3 AI score, 0.00412 EPSS
Exploits 0, References 3
OSV
added 2017/08/08 3:29 p.m., 4 views

CVE-2017-10047

Vulnerability in the MICROS BellaVita component of Oracle Hospitality Applications subcomponent: Interface. The supported version that is affected is 2.7.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise MICROS BellaVita. Successful...

6.5 CVSS, 7.3 AI score, 0.01615 EPSS
Exploits 0, References 3
OSV
added 2017/08/08 3:29 p.m., 2 views

CVE-2017-10046

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite subcomponent: Web Access. Supported versions that are affected are 8.3, 8.4, 15.1, 15.2 and 16.1. Easily exploitable vulnerability allows low privileged attacker with network...

5.4 CVSS, 7.3 AI score, 0.03916 EPSS
Exploits 4, References 4