4 matches found
Missing Authorization
Overview openviking is an An Agent-native context database Affected versions of this package are vulnerable to Missing Authorization via the task polling. An attacker can access sensitive metadata belonging to other users by sending unauthenticated requests to the /api/v1/tasks and...
PT-2024-33097 · Unknown · Sunbk201 Umicat
Name of the Vulnerable Software and Affected Versions: SunBK201 umicat versions 0.3.2 and earlier Description: The issue allows an attacker to execute arbitrary code via the poweruct int t x, uct int t n function in src/uct upstream.c. This can be exploited to perform local network attacks...
DEBIAN-CVE-2022-25328
The bashcompletion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances. A local user who has control over mountpoint paths could potentially escalate their privileges if they create a malicious mountpoin...
UBUNTU-CVE-2022-25326
fscrypt through v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust filesystem space. We recommend upgrading to fscrypt 0.3.3 or above and adjusting the permissions on existing fscrypt metadata directories where applicable...