Lucene search
K

423 matches found

OSV
OSV
added 2025/09/13 12:8 a.m.6 views

OSV-2025-729 UNKNOWN READ in sam_hrecs_free_tags

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=444492076 Crash type: UNKNOWN READ Crash state: samhrecsfreetags samhrecsparsesingleline samhdrbuildfromsamfile...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-3738

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a mechanism called 'association groups'. These handle...

8.8CVSS7AI score0.01888EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 4:7 p.m.6 views

CVE-2020-2180

Jenkins AWS SAM Plugin 1.2.2 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...

8.8CVSS7.7AI score0.02282EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/21 6:9 p.m.9 views

CVE-1999-0435

MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM...

7.2CVSS6.9AI score0.00617EPSS
Exploits0References1
Veracode
Veracode
added 2025/04/08 3:36 a.m.13 views

Unauthorized File Access

awssamcli is vulnerable to Unauthorized File Access. The vulnerability is due to insecure symlink resolution during the build process, which causes the contents of symlinks to be copied into the local workspace cache as regular files, allows an attacker to access restricted files...

6.9CVSS6.4AI score0.0062EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/04/04 12:0 a.m.5 views

AWS SAM CLI Installed (Windows)

Binary data awssamcliwindetect.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/04/04 12:0 a.m.9 views

AWS SAM CLI < 1.133.0 multiple vulnerabilities

The version of AWS SAM CLI installed on the remote host is prior to 1.133.0 and is, therefore, affected by multiple vulnerabilities: - When running the AWS SAM CLI build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged...

6.9CVSS5.5AI score0.00724EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/04/02 3:42 p.m.11 views

CVE-2025-3047

When running the AWS Serverless Application Model Command Line Interface SAM CLI build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A use...

6.9CVSS7.3AI score0.00724EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/02 3:40 p.m.9 views

CVE-2025-3048

After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...

6.9CVSS7.3AI score0.0062EPSS
Exploits0References1
OSV
OSV
added 2025/03/31 10:36 p.m.6 views

GHSA-PP64-WJ43-XQCR AWS SAM CLI Path Traversal allows file copy to local cache

Summary The AWS Serverless Application Model Command Line Interface AWS SAM CLI is an open-source CLI tool that helps Lambda developers to build and develop Lambda applications locally on their computers using Docker. After completing a build with AWS SAM CLI which include symlinks, the content o...

6.9CVSS7AI score0.0062EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2025/03/31 10:36 p.m.4 views

better-lambda-deploy (>=0.0.4 <=0.6.9), localambda (=0.0.1) potentially affected by CVE-2025-3048 via aws-sam-cli (>=0.40.0 <=1.12.0)

aws-sam-cli PYPI version =0.40.0, =0.0.4, =0.6.9 - localambda =0.0.1 Source cves: CVE-2025-3048 Source advisory: OSV:GHSA-PP64-WJ43-XQCR...

6.9CVSS5.4AI score0.0062EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2025/03/31 10:36 p.m.12 views

AWS SAM CLI Path Traversal allows file copy to local cache

Summary The AWS Serverless Application Model Command Line Interface AWS SAM CLI is an open-source CLI tool that helps Lambda developers to build and develop Lambda applications locally on their computers using Docker. After completing a build with AWS SAM CLI which include symlinks, the content o...

6.9CVSS6.7AI score0.0062EPSS
Exploits0References6Affected Software1
vulnersOsv
vulnersOsv
added 2025/03/31 10:36 p.m.6 views

better-lambda-deploy (>=0.0.4 <=0.6.9), localambda (=0.0.1) potentially affected by CVE-2025-3047 via aws-sam-cli (>=0.40.0 <=1.12.0)

aws-sam-cli PYPI version =0.40.0, =0.0.4, =0.6.9 - localambda =0.0.1 Source cves: CVE-2025-3047 Source advisory: OSV:GHSA-PX37-JPQX-97Q9...

6.9CVSS5.4AI score0.00724EPSS
Exploits0
OSV
OSV
added 2025/03/31 10:36 p.m.6 views

GHSA-PX37-JPQX-97Q9 AWS SAM CLI Path Traversal allows file copy to build container

Summary The AWS Serverless Application Model Command Line Interface AWS SAM CLI is an open-source CLI tool that helps Lambda developers to build and develop Lambda applications locally on their computers using Docker. When running the AWS SAM CLI build process with Docker and symlinks are include...

6.9CVSS6.9AI score0.00724EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/03/31 3:21 p.m.8 views

CVE-2025-3048 Path Traversal in AWS SAM CLI allows file copy to local cache

After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...

6.9CVSS6.7AI score0.0062EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/31 3:21 p.m.28 views

CVE-2025-3048 Path Traversal in AWS SAM CLI allows file copy to local cache

After completing a build with AWS Serverless Application Model Command Line Interface SAM CLI which include symlinks, the content of those symlinks are copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...

6.9CVSS0.0062EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/31 3:21 p.m.6 views

CVE-2025-3047 Path Traversal in AWS SAM CLI allows file copy to build container

When running the AWS Serverless Application Model Command Line Interface SAM CLI build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A use...

6.9CVSS6.6AI score0.00724EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/31 3:21 p.m.18 views

CVE-2025-3047 Path Traversal in AWS SAM CLI allows file copy to build container

When running the AWS Serverless Application Model Command Line Interface SAM CLI build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A use...

6.9CVSS0.00724EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/31 12:0 a.m.5 views

AWS SAM CLI 安全漏洞

AWS SAM CLI is an Amazon Web Services open source CLI tool for building, testing, debugging, and deploying serverless applications using AWS SAM. A security vulnerability exists in AWS SAM CLI that stems from the possibility that symbolic link content could be copied to the local workspace cache...

6.9CVSS6.2AI score0.0062EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2025/03/11 12:0 a.m.245 views

Sam Spade 1.14 SEH Overflow / DLL Injection

Sam Spade version 1.14 SEH overflow exploit that leverages DLL injection. Exploit Title: Sam Spade 1.14 - SEH Overflow via Arbitrary DLL Injection Date: 14.03.2024 Software Link: https://www.majorgeeks.com/files/details/samspade.html Exploit Author: Ahmet Ümit BAYRAM Tested Version: 1.14 Tested o...

8AI score
Exploits0
Rows per page
Query Builder