CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Veracode•added 2023/08/17 3:25 a.m.•20 views

Arbitrary Code Execution

org.alluxio:alluxio-core-common is vulnerable to Arbitrary Code Execution. The vulnerability is due to the lluxio.util.CommonUtils.getUnixGroups method which improperly sanitizes the shell command which is used to get the Unix groups of a user. This allows an attacker to inject arbitrary code int...

9.8CVSS7.5AI score0.00369EPSS

Exploits1References4Affected Software1

ATTACKERKB•added 2023/08/15 5:15 p.m.•1 views

CVE-2023-38889

An issue in Alluxio v.2.9.3 and before allows an attacker to execute arbitrary code via a crafted script to the username parameter of lluxio.util.CommonUtils.getUnixGroupsjava.lang.String...

9.8CVSS6.1AI score0.00369EPSS

Exploits1References2

SUSE CVE•added 2023/02/15 6:7 a.m.•1 views

SUSE CVE-2008-3789

Samba 3.2.0 uses weak permissions 0666 for the 1 groupmapping.tdb and 2 groupmapping.ldb files, which allows local users to modify the membership of Unix groups...

2.1CVSS6.6AI score0.01059EPSS

Exploits1References3

OSV•added 2022/01/17 8:11 p.m.•9 views

OPENSUSE-SU-2022:0016-1 Security update for watchman

This update for watchman fixes the following issues: - ship README.suse that explains how to use the template systemd units - add user writable bit for systemd service and socket files - properly handle state directory creation in /run/watchman/$USER-state. The former approach was susceptible to ...

7.8CVSS7.9AI score0.0011EPSS

Exploits0References4

OSV•added 2021/05/05 2:15 p.m.•1 views

ALPINE-CVE-2021-20254

A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache...

6.8CVSS6.7AI score0.01764EPSS

Exploits0References1

OSV•added 2021/04/29 12:0 a.m.•0 views

UBUNTU-CVE-2021-20254

6.8CVSS6.7AI score0.01764EPSS

Exploits0References5

OSV•added 2008/08/27 8:41 p.m.•1 views

DEBIAN-CVE-2008-3789

Samba 3.2.0 uses weak permissions 0666 for the 1 groupmapping.tdb and 2 groupmapping.ldb files, which allows local users to modify the membership of Unix groups...

2.1CVSS8.9AI score0.01059EPSS

Exploits1References1

UbuntuCve•added 2008/08/27 8:41 p.m.•20 views

CVE-2008-3789

Samba 3.2.0 uses weak permissions 0666 for the 1 groupmapping.tdb and 2 groupmapping.ldb files, which allows local users to modify the membership of Unix groups...

2.1CVSS7.2AI score0.01059EPSS

Exploits1References1

Prion•added 2008/08/27 8:41 p.m.•21 views

Code injection

Samba 3.2.0 uses weak permissions 0666 for the 1 groupmapping.tdb and 2 groupmapping.ldb files, which allows local users to modify the membership of Unix groups...

2.1CVSS6.3AI score0.01059EPSS

Exploits1References8Affected Software1

CVE•added 2008/08/27 8:0 p.m.•83 views

CVE-2008-3789

CVE-2008-3789 (Samba 3.2.0): The vulnerability arises from weak permissions (0666) on the group_mapping.tdb and group_mapping.ldb files, enabling local users to modify Unix group memberships. Concrete details in connected docs confirm the affected component/files and the local-privilege consequen...

2.1CVSS5.9AI score0.01059EPSS

Exploits1References8Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by