Lucene search
+L

147 matches found

OSV
OSV
added 2021/05/04 1:30 p.m.5 views

UBUNTU-CVE-2020-28007

Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root in the log directory owned by a non-root user, a symlink or hard link attack allows overwriting critical root-owned files anywhere on the filesystem...

7.8CVSS6.9AI score0.00526EPSS
Exploits3References4
OSV
OSV
added 2021/04/26 4:15 p.m.5 views

DEBIAN-CVE-2021-27851

A security vulnerability that can lead to local privilege escalation has been found in ’guix-daemon’. It affects multi-user setups in which ’guix-daemon’ runs locally. The attack consists in having an unprivileged user spawn a build process, for instance with guix build, that makes its build...

5.5CVSS5.5AI score0.00334EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/04/26 4:15 p.m.26 views

CVE-2021-27851

A security vulnerability that can lead to local privilege escalation has been found in ’guix-daemon’. It affects multi-user setups in which ’guix-daemon’ runs locally. The attack consists in having an unprivileged user spawn a build process, for instance with guix build, that makes its build...

5.5CVSS6AI score0.00334EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2021/04/26 3:35 p.m.23 views

CVE-2021-27851

A security vulnerability that can lead to local privilege escalation has been found in ’guix-daemon’. It affects multi-user setups in which ’guix-daemon’ runs locally. The attack consists in having an unprivileged user spawn a build process, for instance with guix build, that makes its build...

5.5CVSS5.6AI score0.00334EPSS
Exploits0
Cvelist
Cvelist
added 2021/04/26 3:35 p.m.57 views

CVE-2021-27851 Local privilege escalation in GNU Guix via guix-daemon and '--keep-failed'

A security vulnerability that can lead to local privilege escalation has been found in ’guix-daemon’. It affects multi-user setups in which ’guix-daemon’ runs locally. The attack consists in having an unprivileged user spawn a build process, for instance with guix build, that makes its build...

5.9AI score0.00334EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.12 views

SUSE: Security Advisory (SUSE-SU-2019:2781-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.01518EPSS
Exploits0References3
Veracode
Veracode
added 2021/04/11 8:34 p.m.22 views

Privilege Escalation

bullseye is vulnerable to privilege escalation.The attack consists in having an unprivileged user spawn a build process, for instance with guix build, that makes its build directory world-writable. The user then creates a hardlink to a root-owned file such as /etc/shadow in that build directory. ...

5.5CVSS1.2AI score0.00334EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2020/11/24 10:18 a.m.41 views

CVE-2020-28935

A symbolic link traversal vulnerability was found in unbound in the way it writes its PID file while starting up. This flaw allows a local attacker with access to the unbound user to set up a link to another file, owned by root, and make unbound overwrite it during its next restart, destroying th...

5.5CVSS6.1AI score0.00484EPSS
Exploits0References3
OSV
OSV
added 2020/03/03 3:15 p.m.4 views

CVE-2019-19792

A permissions issue in ESET Cyber Security before 6.8.300.0 for macOS allows a local attacker to escalate privileges by appending data to root-owned files...

6.7CVSS6.2AI score0.00399EPSS
Exploits1References1
NVD
NVD
added 2020/03/03 3:15 p.m.16 views

CVE-2019-19792

A permissions issue in ESET Cyber Security before 6.8.300.0 for macOS allows a local attacker to escalate privileges by appending data to root-owned files...

7.2CVSS5.5AI score0.00399EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/12/31 12:0 a.m.94 views

F5 Networks BIG-IP : BIG-IP Edge Client for macOS vulnerability (K49827114)

BIG-IP Edge Client for macOS may allow unprivileged users to access files owned by the root account. CVE-2019-6668 Impact BIG-IP Edge Client may allow an unprivileged user on the affected macOS device to get ownership of files owned by the root account on the local client host. C Tenable Network...

5.5CVSS5.7AI score0.00287EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2019/11/19 10:15 p.m.24 views

CVE-2011-3349

lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can allow possible privilege escalation...

7.8CVSS7.1AI score0.00363EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/11/06 12:0 a.m.25 views

openSUSE Security Update : nfs-utils (openSUSE-2019-2435)

This update for nfs-utils fixes the following issues : - CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs. bsc1150733 This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plug...

10CVSS7.6AI score0.01518EPSS
Exploits0References2
OSV
OSV
added 2019/11/05 3:30 p.m.6 views

OPENSUSE-SU-2019:2435-1 Security update for nfs-utils

This update for nfs-utils fixes the following issues: - CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs. bsc1150733 This update was imported from the SUSE:SLE-15-SP1:Update update project...

10CVSS9.4AI score0.01518EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2019/11/05 12:0 a.m.92 views

Security update for nfs-utils (moderate)

openSUSE Security Update: Security update for nfs-utils Announcement ID: openSUSE-SU-2019:2435-1 Rating: moderate References: 1150733 Cross-References: CVE-2019-3689 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for nfs-uti...

10CVSS9.3AI score0.01518EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2019/10/30 12:0 a.m.20 views

openSUSE: Security Advisory for nfs-utils (openSUSE-SU-2019:2408-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

10CVSS9.6AI score0.01518EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2019/10/29 12:0 a.m.70 views

Security update for nfs-utils (moderate)

openSUSE Security Update: Security update for nfs-utils Announcement ID: openSUSE-SU-2019:2408-1 Rating: moderate References: 1150733 Cross-References: CVE-2019-3689 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for nfs-uti...

10CVSS9.3AI score0.01518EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/10/28 12:0 a.m.62 views

SUSE SLED15 / SLES15 Security Update : nfs-utils (SUSE-SU-2019:2782-1)

This update for nfs-utils fixes the following issues : CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs. bsc1150733 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automaticall...

10CVSS7.6AI score0.01518EPSS
Exploits0References4
OSV
OSV
added 2019/10/25 12:27 p.m.4 views

SUSE-SU-2019:2782-1 Security update for nfs-utils

This update for nfs-utils fixes the following issues: - CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs. bsc1150733...

10CVSS9.4AI score0.01518EPSS
Exploits0References3
OSV
OSV
added 2019/10/25 12:27 p.m.5 views

SUSE-SU-2019:2781-1 Security update for nfs-utils

This update for nfs-utils fixes the following issues: - CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs. bsc1150733...

10CVSS9.4AI score0.01518EPSS
Exploits0References3
Rows per page
Query Builder