Lucene search
K

567 matches found

OpenVAS
OpenVAS
added 2023/03/20 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for lxc (EulerOS-SA-2023-1557)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS4.4AI score0.00702EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.39 views

CBL Mariner 2.0 Security Update: ntfs-3g (CVE-2022-40284)

The version of ntfs-3g installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-40284 advisory. - A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause...

7.8CVSS7.1AI score0.00347EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/19 12:0 a.m.47 views

EulerOS 2.0 SP10 : lxc (EulerOS-SA-2023-1557)

According to the versions of the lxc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected...

3.3CVSS5.5AI score0.00702EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/09 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for lxc (EulerOS-SA-2023-1451)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS4.4AI score0.00702EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/09 12:0 a.m.50 views

EulerOS 2.0 SP9 : lxc (EulerOS-SA-2023-1451)

According to the versions of the lxc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected...

3.3CVSS5.5AI score0.00702EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/08 12:0 a.m.35 views

EulerOS 2.0 SP9 : lxc (EulerOS-SA-2023-1476)

According to the versions of the lxc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected...

3.3CVSS5.5AI score0.00702EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:20 a.m.6 views

SUSE CVE-2004-0564

Roaring Penguin pppoe rp-ppoe, if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this...

2.1CVSS7AI score0.00362EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.5 views

SUSE CVE-2005-0070

Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files...

7.2CVSS6.7AI score0.00369EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.3 views

SUSE CVE-2005-3531

fusermount in FUSE before 2.4.1, if installed setuid root, allows local users to corrupt /etc/mtab and possibly modify mount options by performing a mount over a directory whose name contains certain special characters...

2.1CVSS6.6AI score0.00365EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:11 a.m.6 views

SUSE CVE-2007-3848

Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death signal PRSETPDEATHSIG...

1.9CVSS6.6AI score0.00363EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 6:10 a.m.4 views

SUSE CVE-2007-5159

The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an ntfs-3g package in Ubuntu 7.10/Gutsy, assign incorrect permissions setuid root to mount.ntfs-3g, which allows local users with fuse group membership to read from and write to arbitrary block devices, possibly involving a file descriptor...

4.6CVSS6.8AI score0.00354EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:8 a.m.3 views

SUSE CVE-2008-1671

startkdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, allows local users to cause a denial of service and possibly execute arbitrary code via "user-influenceable input" probably command-line arguments that cause startkdeinit to send SIGUSR1 signals to other processes...

4.6CVSS7.5AI score0.00626EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.4 views

SUSE CVE-2009-1142

An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can gain privileges via a symlink attack on /tmp files if vmware-user-suid-wrapper is setuid root and the ChmodChownDirectory function is enabled...

6.7CVSS7.4AI score0.00265EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:30 a.m.7 views

SUSE CVE-2014-1845

An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment...

7.8CVSS7.7AI score0.00363EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:8 a.m.5 views

SUSE CVE-2016-1531

Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perlstartup argument...

7CVSS7.1AI score0.05901EPSS
Exploits13References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:53 a.m.5 views

SUSE CVE-2016-10729

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command injection as root...

6.7CVSS7.8AI score0.01187EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:42 a.m.3 views

SUSE CVE-2017-11547

The resamplegauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted mid file. NOTE: a crash might be relevant when using the --background option. NOTE: the TiMidity++ README.alsaseq documentation suggests a...

5.5CVSS6.9AI score0.01097EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:14 a.m.3 views

SUSE CVE-2019-9755

An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In...

5.5CVSS7.5AI score0.00531EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.5 views

SUSE CVE-2020-13696

An issue was discovered in LinuxTV xawtv before 3.107. The function devopen in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker with access to the v4l-conf setuid-root program to...

4.4CVSS6.7AI score0.00355EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.2 views

SUSE CVE-2020-28010

Exim 4 before 4.94.2 allows Out-of-bounds Write because the main function, while setuid root, copies the current working directory pathname into a buffer that is too small on some common platforms...

7.8CVSS8.1AI score0.00417EPSS
Exploits1References6
Rows per page
Query Builder