Lucene search
K

71 matches found

RedHat Linux
RedHat Linux
added 2019/06/20 2:20 p.m.2 views

libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API

It was discovered that libvirtd would permit read-only clients to use the virDomainSaveImageGetXMLDesc API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of...

8.8CVSS7.6AI score0.00516EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2018/03/12 4:19 p.m.50 views

CVE-2017-1002101

It was found that volume security can be sidestepped with innocent emptyDir and subpath. This could give an attacker with access to a pod full control over the node host by gaining access to docker socket...

9.6CVSS1.4AI score0.11586EPSS
Exploits2References2
BDU FSTEC
BDU FSTEC
added 2016/08/03 12:0 a.m.7 views

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Android operating system’s socket subsystem is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges through a specially created application that utilizes the AFMSMIPC socket, or any other socket not...

9.3CVSS7.2AI score0.00389EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2016/06/08 12:0 a.m.5 views

PT-2016-5687 · Red Hat +1 · Red Hat Openshift Enterprise +1

Name of the Vulnerable Software and Affected Versions: Red Hat OpenShift Enterprise version 3.2 Description: The issue is related to improper access restriction to STI builds, allowing remote authenticated users to access the Docker socket and gain privileges. This is achieved through vectors...

8.8CVSS8.4AI score0.01941EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2016/05/19 3:48 p.m.33 views

CVE-2016-3738

A vulnerability was found in the STI build process in OpenShift Enterprise. Access to STI builds was not properly restricted, allowing an attacker to use STI builds to access the Docker socket and escalate their privileges...

8.8CVSS4.2AI score0.01941EPSS
Exploits0References1
OSV
OSV
added 2012/10/03 11:2 a.m.7 views

CVE-2012-3430

The rdsrecvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a 1 recvfrom or 2 recvmsg system call on an RDS socket...

5.2AI score
Exploits0References18
Packet Storm
Packet Storm
added 2010/08/12 12:0 a.m.57 views

Linux Kernel 2.6.33.3 SCTP INIT Denial Of Service

From: http://jon.oberheide.org/files/sctp-boom.py !/usr/bin/env python ''' sctp-boom.py Linux Kernel http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1173 The sctpprocessunkparam function in net/sctp/smmakechunk.c in the Linux kernel 2.6.33.3 and earlie...

7.1CVSS6.3AI score0.21402EPSS
Exploits7
OSV
OSV
added 2005/06/29 4:0 a.m.1 views

DEBIAN-CVE-2005-0201

D-BUS dbus before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user's per-user session bus via that socket...

2.1CVSS6.4AI score0.00428EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2005/06/25 12:0 a.m.28 views

traceSolaris.txt

/usr/sbin/traceroute from Solaris 10 is vulnerable to buffer overflow in handling -g argument. After supplying 10 -g parameters, return address is overwritten by IP address argument: atari:root:/home/venglin /usr/sbin/traceroute -g 1 -g 2 -g 3 -g 4 -g 5 -g 6 -g 7 -g 8 -g 9 -g 10 127.0.0.1...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.28 views

Debian DSA-124-1 : mtr - buffer overflow

The authors of mtr released a new upstream version, noting a non-exploitable buffer overflow in their ChangeLog. Przemyslaw Frasunek, however, found an easy way to exploit this bug, which allows an attacker to gain access to the raw socket, which makes IP spoofing and other malicious network...

2.1CVSS5.6AI score0.00501EPSS
Exploits1References3
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.24 views

CVE-2002-0497

Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTROPTIONS environment variable...

6.4AI score0.00501EPSS
Exploits1References4
Rows per page
Query Builder