Lucene search
K

25 matches found

Debian CVE
Debian CVE
added 2020/07/29 4:25 p.m.30 views

CVE-2020-11934

It was discovered that snapctl user-open allowed altering the $XDGDATADIRS environment variable when calling the system xdg-open. OpenURL in usersession/userd/launcher.go would alter $XDGDATADIRS to append a path to a directory controlled by the calling snap. A malicious snap could exploit this t...

5.9CVSS6.1AI score0.00365EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/07/16 12:0 a.m.40 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : snapd vulnerabilities (USN-4424-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4424-1 advisory. It was discovered that cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices ran on every boot without...

7.3CVSS6.6AI score0.00365EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/07/16 12:0 a.m.26 views

Ubuntu: Security Advisory (USN-4424-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS6.7AI score0.00365EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2020/07/15 2:49 p.m.92 views

USN-4424-1: snapd vulnerabilities

It was discovered that cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices ran on every boot without restrictions. A physical attacker could exploit this to craft cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intende...

7.3CVSS6.6AI score0.00365EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2020/07/15 12:0 p.m.34 views

CVE-2020-11934

It was discovered that snapctl user-open allowed altering the $XDGDATADIRS environment variable when calling the system xdg-open. OpenURL in usersession/userd/launcher.go would alter $XDGDATADIRS to append a path to a directory controlled by the calling snap. A malicious snap could exploit this t...

5.9CVSS6.6AI score0.00365EPSS
Exploits0References2
Rows per page
Query Builder