Lucene search
K

2838 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.1 views

SUSE CVE-2022-29527

Amazon AWS amazon-ssm-agent before 3.1.1208.0 creates a world-writable sudoers file, which allows local attackers to inject Sudo rules and escalate privileges to root. This occurs in certain situations involving a race condition...

8.4CVSS6.7AI score0.00296EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/02/14 1:44 p.m.23 views

CVE-2023-25149 TimescaleDB has incorrect access control

TimescaleDB, an open-source time-series SQL database, has a privilege escalation vulnerability in versions 2.8.0 through 2.9.2. During installation, TimescaleDB creates a telemetry job that is runs as the installation user. The queries run as part of the telemetry data collection were not run wit...

8.8CVSS9.3AI score0.00775EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2023/02/14 1:44 p.m.51 views

CVE-2023-25149

TimescaleDB, an open-source time-series SQL database, has a privilege escalation vulnerability in versions 2.8.0 through 2.9.2. During installation, TimescaleDB creates a telemetry job that is runs as the installation user. The queries run as part of the telemetry data collection were not run wit...

8.8CVSS9.1AI score0.00775EPSS
Exploits0
Packet Storm
Packet Storm
added 2023/02/03 12:0 a.m.347 views

macOS Dirty Cow Arbitrary File Write Local Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'macOS Dirty Cow Arbitrary File Write Local Privilege Escalation', 'Description' = %q An app may be able to execute arbitrary code with kernel...

7CVSS0.5AI score0.44678EPSS
Exploits9
0day.today
0day.today
added 2023/02/03 12:0 a.m.283 views

macOS Dirty Cow Arbitrary File Write Local Privilege Escalation Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'macOS Dirty Cow Arbitrary File Write Local Privilege Escalation', 'Description' = %q An app may be able to execute arbitrary code with kernel...

7CVSS7.1AI score0.44678EPSS
Exploits9
OSV
OSV
added 2022/12/22 8:15 p.m.3 views

CVE-2022-22736

If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the install directory is not world-writable by default.This bug only affects Firefox for Windows in a non-default installation...

7CVSS7.3AI score0.00244EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2022/12/22 8:15 p.m.34 views

CVE-2022-22736

If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the install directory is not world-writable by default.This bug only affects Firefox for Windows in a non-default installation...

7CVSS7.1AI score0.00244EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2022/12/15 12:0 a.m.269 views

Acronis TrueImage XPC Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Acronis TrueImage XPC Privilege Escalation', 'Description' = %q Acronis TrueImage versions 2019 update 1 through 2021 update 1 are vulnerable to...

7.8CVSS0.7AI score0.02152EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2022/12/15 12:0 a.m.23 views

Zoom Client for Meetings < 5.3.2 Vulnerability (ZSB-21004)

The version of Zoom Client for Meetings installed on the remote host is prior to 5.3.2. It is, therefore, affected by a vulnerability as referenced in the ZSB-21004 advisory. - A user-writable directory created during the installation of the Zoom Client for Meetings for Windows version prior to...

7.8CVSS7.4AI score0.00443EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/11/16 12:0 a.m.25 views

RHEL 9 : dotnet7.0 (RHSA-2022:8434)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8434 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. N...

7.8CVSS7.5AI score0.01057EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/11/15 4:8 p.m.2 views

dotnet: Nuget cache poisoning on Linux via world-writable cache directory

A vulnerability was found in dotnet. This flaw allows an attacker to triage a NuGet cache poisoning on Linux via a world-writable cache directory...

7.8CVSS5.7AI score0.01057EPSS
Exploits0References5
OSV
OSV
added 2022/11/08 3:15 p.m.2 views

CVE-2022-41757

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to obtain write access to read-only memory, or obtain access to already freed memory. This affects Valhall r29p0 through r38p1 before r38p2, and r39p0 before r40p0...

8.8CVSS5.8AI score0.00678EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/11/08 11:35 a.m.3 views

dotnet: Nuget cache poisoning on Linux via world-writable cache directory

A vulnerability was found in dotnet. This flaw allows an attacker to triage a NuGet cache poisoning on Linux via a world-writable cache directory...

7.8CVSS5.7AI score0.01057EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2022/10/27 12:0 a.m.370 views

Vagrant Synced Folder Vagrantfile Breakout

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Vagrant Synced Folder Vagrantfile Breakout', 'Description' = %q This module exploits a default Vagrant synced folder shared folder to append a Ru...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2022/10/13 3:31 p.m.25 views

CVE-2022-41032

A vulnerability was found in dotnet. This flaw allows an attacker to triage a NuGet cache poisoning on Linux via a world-writable cache directory...

7.8CVSS4.2AI score0.01057EPSS
Exploits0References4
Veracode
Veracode
added 2022/10/13 2:11 a.m.33 views

Privilege Escalation

NuGet Client is vulnerable to Privilege Escalation. The vulnerability exists because the library does not properly handle a world-writable cache directory, allowing an attacker to inject and execute malicious code, resulting in the elevation of privilege...

7.8CVSS7.6AI score0.01057EPSS
Exploits0References13Affected Software4
RedHat Linux
RedHat Linux
added 2022/10/12 8:22 a.m.4 views

dotnet: Nuget cache poisoning on Linux via world-writable cache directory

A vulnerability was found in dotnet. This flaw allows an attacker to triage a NuGet cache poisoning on Linux via a world-writable cache directory...

7.8CVSS5.7AI score0.01057EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/10/12 8:4 a.m.5 views

dotnet: Nuget cache poisoning on Linux via world-writable cache directory

A vulnerability was found in dotnet. This flaw allows an attacker to triage a NuGet cache poisoning on Linux via a world-writable cache directory...

7.8CVSS5.7AI score0.01057EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/10/12 8:3 a.m.3 views

dotnet: Nuget cache poisoning on Linux via world-writable cache directory

A vulnerability was found in dotnet. This flaw allows an attacker to triage a NuGet cache poisoning on Linux via a world-writable cache directory...

7.8CVSS5.7AI score0.01057EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/10/12 8:3 a.m.1 views

dotnet: Nuget cache poisoning on Linux via world-writable cache directory

A vulnerability was found in dotnet. This flaw allows an attacker to triage a NuGet cache poisoning on Linux via a world-writable cache directory...

7.8CVSS5.7AI score0.01057EPSS
Exploits0References5
Rows per page
Query Builder