12 matches found
CVE-2025-69198 Pterodactyl's improper resource locking allows raced queries to create more resources than alloted
Pterodactyl is a free, open-source game server management panel. Pterodactyl implements rate limits that are applied to the total number of resources e.g. databases, port allocations, or backups that can exist for an individual server. These resource limits are applied on a per-server basis, and...
Privilege Escalation
haproxy, buster is vulnerable to Privilege Escalation. An attacker is able to change their resource allocations, promote containers to privileged mode, or potentially add ssh authorized keys to a remote shell on the target machine by creating new files on the host system. In order for an attacker...
Privilege Escalation
firefox is vulnerable to Privilege Escalation. An attacker is able to change their resource allocations, promote containers to privileged mode, or potentially add ssh authorized keys to a remote shell on the target machine by creating new files on the host system. In order for an attacker to...
Privilege Escalation
firefox is vulnerable to Privilege Escalation. An attacker is able to change their resource allocations, promote containers to privileged mode, or potentially add ssh authorized keys to a remote shell on the target machine by creating new files on the host system. In order for an attacker to...
Privilege Escalation
github.com/pterodactyl/wings is vulnerable to Privilege Escalation. An attacker is able to change their resource allocations, promote containers to privileged mode, or potentially add ssh authorized keys to a remote shell on the target machine by creating new files on the host system. In order fo...
Design/Logic Flaw
Wings is Pterodactyl's server control plane. Affected versions are subject to a vulnerability which can be used to create new files and directory structures on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their...
Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following
Impact This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can be used to create new files and on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their containers to privileged mode...
GHSA-P8R3-83R8-JWJ5 Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following
Impact This vulnerability impacts anyone running the affected versions of Wings. The vulnerability can be used to create new files and on the host system that previously did not exist, potentially allowing attackers to change their resource allocations, promote their containers to privileged mode...
Product release: Virtuozzo Hybrid Infrastructure 3.5 Update 5 (3.5.5-26)
This update provides a new feature as well as improvements and bug fixes. Vulnerability id: VSTOR-34750 After failed VM evacuations, resource allocations are duplicated. Vulnerability id: VSTOR-30767 An update to a new major release may fail with the error "Updates to multiple product versions ar...
CVE-2017-17051
An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service, aka doubled resource allocations. This regression was...
CVE-2017-17051
An issue was discovered in the default FilterScheduler in OpenStack Nova 16.0.3. By repeatedly rebuilding an instance with new images, an authenticated user may consume untracked resources on a hypervisor host leading to a denial of service, aka doubled resource allocations. This regression was...
Microsoft Office Project Remote Code Execution Vulnerability (967183)
This host is missing a critical security update according to Microsoft Bulletin MS09-074. OpenVAS Vulnerability Test $Id: secpodms09-074.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft Office Project Remote Code Execution Vulnerability 967183 Authors: Antu Sanadi Copyright: Copyright c 2009 SecPod...