110 matches found
docker: Ambient capability usage in containers
The runc version as used in docker 1.12.2 was incorrectly setting ambient capabilities for all processes executed inside containers. This caused processes of non-root users to run with unexpected privileges, allowing them to escalate their privileges to root...
Virtuozzo Hybrid Server 7.5 Update 1 Hotfix 3 (7.5.1-737)
The Hotfix 3 for Virtuozzo Hybrid Server 7.5 Update 1 provides a stability and usability bug fix. Vulnerability id: PSBM-130586 VM disk resize functionality could stop working for non-root users after upgrading to version 7.5.1...
SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2020:1133-1)
This update for samba fixes the following issues : Security issue fixed : CVE-2020-10704: Fixed a stack overflow in the AD DC CLDAP server bsc1169851. Non-security issues fixed : Fixed spnego fallback from kerberos to ntlmssp in smbd server bsc1169473. Fixed warning messages for non root users...
CVE-2018-17954 crowbar provision leaks admin password to all nodes in cleartext
An Improper Privilege Management in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to cause become root on any other node. This issue affects: SUSE...
Huawei EulerOS: Security Advisory for fuse (EulerOS-SA-2019-1382)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for fuse (EulerOS-SA-2019-1186)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-17436
A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and earlier and version 4.1.12 and earlier, that can allow non-root users to overwrite root files on the file system...
CVE-2019-17436
A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and earlier and version 4.1.12 and earlier, that can allow non-root users to overwrite root files on the file system...
Privilege escalation
A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and earlier and version 4.1.12 and earlier, that can allow non-root users to overwrite root files on the file system...
CVE-2019-17436
A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and earlier and version 4.1.12 and earlier, that can allow non-root users to overwrite root files on the file system...
NewStart CGSL CORE 5.04 / MAIN 5.04 : fuse Vulnerability (NS-SA-2019-0073)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has fuse packages installed that are affected by a vulnerability: - A vulnerability was discovered in fuse. When SELinux is active, fusermount is vulnerable to a restriction bypass. This allows non-root users to mount a FUSE fi...
CVE-2019-13100
The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system i.e., in cleartext, which allows a non-root user to find out the username/password of a valid user via /data/data/com.estmob.android.sendanywhere/sharedprefs/sendanywheredevice.xml...
EulerOS Virtualization for ARM 64 3.0.1.0 : fuse (EulerOS-SA-2019-1382)
According to the version of the fuse packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A vulnerability was discovered in fuse. When SELinux is active, fusermount 1is vulnerable to a restriction bypass. This...
Amazon Linux AMI : fuse (ALAS-2018-1123)
A vulnerability was discovered in fuse. When SELinux is active, fusermount is vulnerable to a restriction bypass. This allows non-root users to mount a FUSE file system with the 'allowother' mount option regardless of whether 'userallowother' is set in the fuse configuration. An attacker may use...
openSUSE Security Update : fuse (openSUSE-2019-823)
This update for fuse fixes the following issues : - CVE-2018-10906: fusermount was vulnerable to a restriction bypass when SELinux is active. This allowed non-root users to mount a FUSE file system with the 'allowother' mount option regardless of whether 'userallowother' is set in the fuse...
Privilege Escalation
github.com/projectatomic/libpod is vulnerable to privilege escalation attack. The vulnerability exists because it does not limit the capabilities of containers executed by non-root users in the default setting, resulting in the container running with higher privileges than required...
Clean My Mac X securelyRemoveItemAtPath privilege escalation vulnerability
Summary An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product...
EulerOS Virtualization 2.5.2 : fuse (EulerOS-SA-2018-1409)
According to the version of the fuse packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allo...
Amazon Linux 2 : fuse (ALAS-2018-1123)
A vulnerability was discovered in fuse. When SELinux is active, fusermount is vulnerable to a restriction bypass. This allows non-root users to mount a FUSE file system with the 'allowother' mount option regardless of whether 'userallowother' is set in the fuse configuration. An attacker may use...
F5 Networks BIG-IP : vCMP vulnerability (K03165684)
Malicious root users with access to a vCMP guest can disrupt service on adjacent vCMP guests running on the same host. Exploiting this vulnerability causes the vcmpd process on the adjacent vCMP guest to restart and produce a core file. This issue is only exploitable on a vCMP guest which is...