Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/04/29 12:0 a.m.6 views

Amazon Linux 2 : containerd (ALASDOCKER-2025-061)

The version of containerd installed on the remote host is prior to 1.6.8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-061 advisory. Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Re...

7.5CVSS7AI score0.01544EPSS
Exploits0References6
0day.today
0day.today
added 2021/11/10 12:0 a.m.337 views

Microsoft OMI Management Interface Authentication Bypass Exploit

This Metasploit module demonstrates that by removing the authentication exchange, an attacker can issue requests to the local OMI management socket that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 released September...

9.8CVSS7.6AI score0.99723EPSS
Exploits20
0day.today
0day.today
added 2021/10/31 12:0 a.m.485 views

Microsoft OMI Management Interface Authentication Bypass Exploit

By removing the authentication header, an attacker can issue an HTTP request to the OMI management endpoint that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 released September 8th 2021. This module requires Metasploi...

9.8CVSS1.1AI score0.99723EPSS
Exploits19
Metasploit
Metasploit
added 2021/10/28 5:51 p.m.152 views

Microsoft OMI Management Interface Authentication Bypass

By removing the authentication header, an attacker can issue an HTTP request to the OMI management endpoint that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 released September 8th 2021. Module Options msf use...

9.8CVSS8.1AI score0.99723EPSS
Exploits19
Tenable Nessus
Tenable Nessus
added 2015/02/12 12:0 a.m.30 views

Debian DSA-3161-1 : dbus - security update

Simon McVittie discovered a local denial of service flaw in dbus, an asynchronous inter-process communication system. On systems with systemd-style service activation, dbus-daemon does not prevent forged ActivationFailure messages from non-root processes. A malicious local user could use this fla...

1.9CVSS6.5AI score0.00273EPSS
Exploits0References4
Rows per page
Query Builder