Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2022/02/17 4:52 p.m.72 views

CVE-2022-25182

A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries Plugin uses the names of Pipeline libraries to create directories without canonicalization or sanitization. This flaw allows attackers with item/configure permission to execute arbitrary code in the context of the Jenkins...

8.8CVSS5.2AI score0.01601EPSS
Exploits0References3
NVD
NVD
added 2022/02/15 5:15 p.m.22 views

CVE-2022-25182

A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller JVM using specially crafted library names if a global Pipeline library is already...

8.8CVSS0.01601EPSS
Exploits0References1
Prion
Prion
added 2019/07/02 3:15 p.m.23 views

Code injection

IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents could allow a local attacker to gain elevated privileges on the system, caused by loading a specially crafted library loaded by the dsmqsan module. By setting up such a library, a local attacker could exploit this vulnerability to gain...

7.2CVSS7.4AI score0.00529EPSS
Exploits0References2Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2017/05/24 9:12 p.m.66 views

Security update for samba (important)

This update for samba fixes the following issue: - An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as 'root'. CVE-2017-7494, bso12780, bsc1038231 This update was...

3.3AI score0.99448EPSS
Exploits24References1
Tenable Nessus
Tenable Nessus
added 2014/02/06 12:0 a.m.28 views

GLSA-201402-05 : Banshee: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201402-05 Banshee: Arbitrary code execution Banshee places a zero-length directory name in PATH, which allows libraries to be loaded from the working directory. Impact : A local attacker could put specially crafted library into...

6.9CVSS6.1AI score0.00422EPSS
Exploits1References2
Gentoo Linux
Gentoo Linux
added 2014/02/05 12:0 a.m.28 views

Banshee: Arbitrary code execution

Background Banshee is a multimedia management and playback application for GNOME. Description Banshee places a zero-length directory name in PATH, which allows libraries to be loaded from the working directory. Impact A local attacker could put specially crafted library into working directory of...

6.9CVSS6.8AI score0.00422EPSS
Exploits1
Rows per page
Query Builder