
7 matches found

Github Security Blog
added 2026/05/28 7:55 p.m., 13 views

nono: Sandbox escape on Linux via D-Bus: `systemd-run --user`

Summary: The nono Landlock/seccomp policies allow access to local Unix domain sockets (concrete and abstract). This allows an easy sandbox escape by talking to the per-user systemd dbus socket. Threat scenario: Running Aider, Claude Code, OpenCode or similar tools with "allow bash" policy so that it...

AI score: 6 | EPSS: 0.00012
Exploits: 0 | References: 2 | Affected Software: 1
SUSE CVE
added 2025/08/04 11:27 p.m., 2 views

SUSE CVE-2024-56731

Gogs is an open source self-hosted Git service. Prior to version 0.13.3, it's still possible to delete files under the .git directory and achieve remote command execution due to an insufficient patch for CVE-2024-39931. Unprivileged user accounts can execute arbitrary commands on the Gogs instanc...

CVSS: 9.8 | AI score: 8 | EPSS: 0.00952
Exploits: 0 | References: 2
Snyk
added 2025/06/24 4:57 a.m., 1 views

UNIX Symbolic Link (Symlink) Following

Overview: Affected versions of this package are vulnerable to UNIX Symbolic Link (Symlink) Following via improper checks of a path's existence under the .git directory. An attacker can execute arbitrary commands with the privileges of the configured account in RUNUSER. By exploiting this flaw, an...

CVSS: 10 | AI score: 7.7 | EPSS: 0.00952
Exploits: 0 | References: 2
SUSE CVE
added 2023/02/15 5:48 a.m., 4 views

SUSE CVE-2012-0871

The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/...

CVSS: 6.3 | AI score: 6.8 | EPSS: 0.00355
Exploits: 0 | References: 5
SUSE CVE
added 2023/02/15 3:34 a.m., 3 views

SUSE CVE-2022-0959

A malicious, but authorised and authenticated user can construct an HTTP request using their existing CSRF token and session cookie to manually upload files to any location that the operating system user account under which pgAdmin is running has permission to write...

CVSS: 7.4 | AI score: 7 | EPSS: 0.00931
Exploits: 0 | References: 4
OSV
added 2014/04/18 2:55 p.m., 3 views

DEBIAN-CVE-2012-0871

The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/...

CVSS: 6.3 | AI score: 6.5 | EPSS: 0.00355
Exploits: 0 | References: 1
ATTACKERKB
added 2011/08/10 8:55 p.m., 3 views

CVE-2011-3006

The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to bypass the MyASUtil.SecureObjectFactory.CreateSecureObject domain execution policy using a cross-site scripting (XSS) attack, execute arbitrary code using the...

CVSS: 6.8 | AI score: 6 | EPSS: 0.02129
Exploits: 0 | References: 5