Lucene search
K

91 matches found

nvd
nvd
added 2025/08/26 11:15 p.m.7 views

CVE-2025-0078

In main of main.cpp, there is a possible way to bypass SELinux due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS0.00283EPSS
Exploits0References2
cvelist
cvelist
added 2025/08/26 10:48 p.m.7 views

CVE-2025-0078

In main of main.cpp, there is a possible way to bypass SELinux due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00283EPSS
Exploits0References2
cve
cve
added 2025/08/26 10:48 p.m.91 views

CVE-2025-0078

CVE-2025-0078 describes a logic error in the Android main.cpp main function that may bypass SELinux, enabling local elevation of privilege with no extra privileges or user interaction required. The vulnerability is categorized as EoP with a high impact, and current sources indicate the issue affe...

8.8CVSS6.8AI score0.00283EPSS
Exploits0References2Affected Software1
nessus
nessus
added 2025/08/24 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2008-3234

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by...

6.5CVSS8.1AI score0.05773EPSS
Exploits1References2
nessus
nessus
added 2025/08/08 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2017-2618

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty null write to this file can crash...

5.5CVSS6.4AI score0.00459EPSS
Exploits0References2
osv
osv
added 2025/05/05 3:15 a.m.3 views

CVE-2025-20665

In devinfo, there is a possible information disclosure due to a missing SELinux policy. This could lead to local information disclosure of device identifier with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09555228; Issue ID: MSV-2760...

5.5CVSS5.9AI score
Exploits0References1
cnnvd
cnnvd
added 2025/05/05 12:0 a.m.5 views

MediaTek Chipsets 安全漏洞

MediaTek Chipsets is a series of chips from Chinese company MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from the lack of a SELinux policy and could lead to the disclosure of local information...

5.5CVSS6.2AI score0.00089EPSS
Exploits0References2
redhat
redhat
added 2025/03/13 6:7 a.m.3 views

podman: buildah: Container breakout by using --jobs=2 and a race condition when building a malicious Containerfile

A vulnerability was found in podman build and buildah. This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the hos...

8.6CVSS7.1AI score0.00358EPSS
Exploits0References5
bdu_fstec
bdu_fstec
added 2025/02/18 12:0 a.m.5 views

The vulnerability of the functions services_compute_xperms_decision() in the security/selinux/ss/services.c module of the SELinux access control kernel of the Linux operating system allows a attacker to execute arbitrary code.

The vulnerability of the functions servicescomputexpermsdecision in the security/selinux/ss/services.c module of the SELinux access control system in the Linux operating system is related to errors in permission handling. Exploiting this vulnerability could allow a remote attacker to execute...

8CVSS7.1AI score0.0021EPSS
Exploits0References24Affected Software7
redhat
redhat
added 2025/02/10 3:45 p.m.2 views

podman: buildah: Container breakout by using --jobs=2 and a race condition when building a malicious Containerfile

A vulnerability was found in podman build and buildah. This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the hos...

8.6CVSS7.1AI score0.00358EPSS
Exploits0References5
attackerkb
attackerkb
added 2025/01/22 5:15 a.m.4 views

CVE-2024-11218

A vulnerability was found in podman build and buildah. This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the hos...

8.6CVSS7.1AI score0.00358EPSS
Exploits0References33Affected Software17
cnnvd
cnnvd
added 2025/01/21 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the selinux module not ignoring unknown permissions when handling extended permissions. This could lead to syste...

5.5CVSS6.5AI score0.0021EPSS
Exploits0References9
bdu_fstec
bdu_fstec
added 2024/04/01 12:0 a.m.5 views

The vulnerability of the Libvirt virtualization management library, related to the incorrect assignment of permissions to critical resources, allows a hacker to gain access to confidential information.

The vulnerability of the Libvirt virtualization management library is related to the creation of SELinux MCS category pairs for dynamic virtual machine tags. Exploiting this vulnerability can allow a malicious actor to gain access to confidential information...

6.3CVSS6.8AI score0.00493EPSS
Exploits1References5Affected Software3
osv
osv
added 2024/01/18 4:15 p.m.6 views

AZL-35354 CVE-2024-0408 affecting package xorg-x11-server for versions less than 1.20.10-5

A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource as with a GetGeometry or when it creates another resource that needs to access that buffer, such as...

5.5CVSS6.7AI score0.00321EPSS
Exploits0References1
osv
osv
added 2024/01/16 3:20 p.m.7 views

USN-6587-1 xorg-server, xwayland vulnerabilities

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. CVE-2023-6816 Jan-Nikl...

9.8CVSS7AI score0.02106EPSS
Exploits0References7
redhat
redhat
added 2023/11/07 9:3 a.m.2 views

kernel: selinux: Add boundary check in put_entry()

In the Linux kernel, the following vulnerability has been resolved: selinux: Add boundary check in putentry Just like nextentry, boundary check is necessary to prevent memory out-of-bound access...

7.1CVSS6.3AI score0.00214EPSS
Exploits0References5
redhat
redhat
added 2023/11/07 8:47 a.m.3 views

runc: AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration

A flaw was found in runc. This vulnerability could allow a remote attacker to bypass security restrictions and create a symbolic link inside a container to the /proc directory, bypassing AppArmor and SELinux protections...

7.8CVSS6.9AI score0.00343EPSS
Exploits0References5
susecve
susecve
added 2023/02/15 6:13 a.m.3 views

SUSE CVE-2006-6056

Linux kernel 2.6.x up to 2.6.18 and possibly other versions, when SELinux hooks are enabled, allows local users to cause a denial of service crash via a malformed file stream that triggers a NULL pointer dereference in the superblockdoinit function, as demonstrated using an HFS filesystem image...

4.9CVSS6.5AI score0.00525EPSS
Exploits1References4
susecve
susecve
added 2023/02/15 3:45 a.m.3 views

SUSE CVE-2021-23240

selinuxeditcopytfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not...

7.8CVSS8.4AI score0.01066EPSS
Exploits1References22
susecve
susecve
added 2023/02/15 3:36 a.m.4 views

SUSE CVE-2021-43816

containerd is an open source container runtime. On installations using SELinux, such as EL8 CentOS, RHEL, Fedora, or SUSE MicroOS, with containerd since v1.5.0-beta.0 as the backing container runtime interface CRI, an unprivileged pod scheduled to the node may bind mount, via hostPath volume, any...

9.1CVSS7.1AI score0.0169EPSS
Exploits1References3
Rows per page
Query Builder