Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3209 matches found

OSV
OSVadded 2023/01/01 6:15 a.m.0 views

UBUNTU-CVE-2022-47952

lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates...

3.3CVSS5.7AI score0.02322EPSS
Exploits0References5
UbuntuCve
UbuntuCveadded 2023/01/01 6:15 a.m.28 views

CVE-2022-47952

lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates...

3.3CVSS5.8AI score0.02322EPSS
Exploits0References4
AlpineLinux
AlpineLinuxadded 2023/01/01 12:0 a.m.61 views

CVE-2022-47952

lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates...

3.3CVSS4.2AI score0.02322EPSS
Exploits0
Debian CVE
Debian CVEadded 2023/01/01 12:0 a.m.31 views

CVE-2022-47952

lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates...

3.3CVSS3.6AI score0.02322EPSS
Exploits0
OSV
OSVadded 2022/12/25 7:15 p.m.1 views

DEBIAN-CVE-2022-37706

enlightenmentsys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring...

7.8CVSS7.5AI score0.54631EPSS
Exploits14References1
OSV
OSVadded 2022/12/25 7:15 p.m.6 views

CVE-2022-37706

enlightenmentsys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring...

7.8CVSS7.6AI score0.54631EPSS
Exploits14References3
UbuntuCve
UbuntuCveadded 2022/12/25 7:15 p.m.39 views

CVE-2022-37706

enlightenmentsys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring...

7.8CVSS7.1AI score0.54631EPSS
Exploits14References2
OSV
OSVadded 2022/12/25 7:15 p.m.0 views

UBUNTU-CVE-2022-37706

enlightenmentsys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring...

7.8CVSS5.8AI score0.54631EPSS
Exploits14References3
Vulnrichment
Vulnrichmentadded 2022/12/25 12:0 a.m.5 views

CVE-2022-37706

enlightenmentsys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring...

7.6AI score0.54631EPSS
Exploits14References3
Cvelist
Cvelistadded 2022/12/25 12:0 a.m.35 views

CVE-2022-37706

enlightenmentsys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring...

7.8AI score0.54631EPSS
Exploits14References3
OSV
OSVadded 2022/11/23 6:15 p.m.3 views

DEBIAN-CVE-2009-1142

An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can gain privileges via a symlink attack on /tmp files if vmware-user-suid-wrapper is setuid root and the ChmodChownDirectory function is enabled...

6.7CVSS6.4AI score0.00046EPSS
Exploits0References1
CNNVD
CNNVDadded 2022/11/23 12:0 a.m.3 views

VMware open-vm-tools 后置链接漏洞

VMware open-vm-tools is a set of services and modules from VMware, Inc. It includes kernel modules to enhance the performance of virtual machines running Linux or other VMware-supported Unix-like guest operating systems. A security vulnerability exists in VMware open-vm-tools version...

6.7CVSS6.5AI score0.00046EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2022/11/23 12:0 a.m.5 views

CVE-2009-1142

An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can gain privileges via a symlink attack on /tmp files if vmware-user-suid-wrapper is setuid root and the ChmodChownDirectory function is enabled...

7AI score0.00046EPSS
Exploits0References2
OSV
OSVadded 2022/11/06 11:15 p.m.3 views

AZL-11388 CVE-2022-40284 affecting package ntfs-3g for versions less than 2022.10.3-1

A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon...

7.8CVSS7.1AI score0.00049EPSS
Exploits0References1
OSV
OSVadded 2022/11/06 11:15 p.m.33 views

CVE-2022-40284

A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon...

7.8CVSS4AI score
Exploits0References7
AlpineLinux
AlpineLinuxadded 2022/11/06 12:0 a.m.39 views

CVE-2022-40284

A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon...

7.8CVSS4AI score0.00049EPSS
Exploits0
UbuntuCve
UbuntuCveadded 2022/10/31 12:0 a.m.47 views

CVE-2022-40284

A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon...

7.8CVSS7.1AI score0.00049EPSS
Exploits0References4
GithubExploit
GithubExploitadded 2022/10/23 11:43 a.m.4 views

Exploit for Command Injection in Zmanda Amanda

Suggested description Amanda 3.5.1 has a flaw that allows...

6.7CVSS8.1AI score0.00129EPSS
Exploits1
NVD
NVDadded 2022/10/17 8:15 p.m.16 views

CVE-2022-3421

An attacker can pre-create the /Applications/Google\ Drive.app/Contents/MacOS directory which is expected to be owned by root to be owned by a non-root user. When the Drive for Desktop installer is run for the first time, it will place a binary in that directory with execute permissions and set i...

7.3CVSS0.00013EPSS
Exploits0References1
OSV
OSVadded 2022/10/17 8:15 p.m.0 views

CVE-2022-3421

An attacker can pre-create the /Applications/Google\ Drive.app/Contents/MacOS directory which is expected to be owned by root to be owned by a non-root user. When the Drive for Desktop installer is run for the first time, it will place a binary in that directory with execute permissions and set i...

7.3CVSS5.8AI score
Exploits0References1
Rows per page
Query Builder