
2836 matches found

CNNVD
added 2022/08/23 12:0 a.m. · 1 views

Ansible Runner Security Vulnerability

Ansible Runner is an open source tool and python library for Ansible. It can help when interacting with Ansible directly or as part of another system. A security vulnerability in Ansible Runner version 2.0.0, which stems from the default temporary file configuration being written to a world R/W...

CVSS: 6.6 · AI score: 5.6 · EPSS: 0.00264
Exploits: 0 · References: 5

Oracle linux
added 2022/08/22 12:0 a.m. · 35 views

podman security update

1.6.4-36.0.1 - Reduce unnecessary writable mounts in NaiveDiffDriver Orabug: 31025483 - handle redirect from the docker registry v2 Orabug: 29874238 [email protected] - remove changes in NaiveDiffDriver 1.6.4-36 - update to the latest content of...

CVSS: 7.5 · AI score: 1.4 · EPSS: 0.00715
Exploits: 0

Vulnrichment
added 2022/08/09 8:20 p.m. · 1 views

CVE-2022-20239

'remap_pfn_range' here may map out of size kernel memory for example, may map the kernel area, and because the 'vma->vm_page_prot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploited Product: Android Versions: Android SoC Android ID:...

AI score: 8.9 · EPSS: 0.00249
Exploits: 0 · References: 1

CNNVD
added 2022/08/01 12:0 a.m. · 3 views

DSpace Path Traversal Vulnerability

DSpace is an open source turnkey repository application from the DuraSpace community. A path traversal vulnerability exists in DSpace versions 4.0 through 6.3, which stems from a JSPUI in SubmissionController and FileUploadRequest that allows an attacker to create Tomcat/DSpace user-writable file...

CVSS: 8.2 · AI score: 7.3 · EPSS: 0.00868
Exploits: 0 · References: 4

CNNVD
added 2022/08/01 12:0 a.m. · 3 views

DSpace Path Traversal Vulnerability

DSpace is an open source turnkey repository application from the DuraSpace community. A path traversal vulnerability exists in DSpace versions 4.0 through 6.3, which stems from the intention that the SAF Simple Archive Format package could lead to the creation of files/directories in any location...

CVSS: 7.2 · AI score: 7 · EPSS: 0.01096
Exploits: 0 · References: 4

Kitploit
added 2022/07/28 12:30 p.m. · 64 views

TerraformGoat - "Vulnerable By Design" Multi Cloud Deployment Tool

TerraformGoat is selefra research lab's "Vulnerable by Design" multi cloud deployment tool. Currently supported cloud vendors include Alibaba Cloud, Tencent Cloud, Huawei Cloud, Amazon Web Services, Google Cloud Platform, Microsoft Azure. Scenarios ID | Cloud Service Company | Types Of Cloud...

AI score: 7.5
Exploits: 0 · References: 67

Tenable Nessus
added 2022/07/15 12:0 a.m. · 30 views

EulerOS Virtualization 2.10.1 : util-linux (EulerOS-SA-2022-2069)

According to the versions of the util-linux package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an...

CVSS: 5.5 · AI score: 6.2 · EPSS: 0.00634
Exploits: 4 · References: 4

OSV
added 2022/07/14 4:15 p.m. · 3 views

CVE-2021-45492

In Sage 300 ERP formerly accpac through 6.8.x, the installer configures the C:\Sage\Sage300\Runtime directory to be the first entry in the system-wide PATH environment variable. However, this directory is writable by unprivileged users because the Sage installer fails to set explicit permissions...

CVSS: 7.8 · AI score: 5.8 · EPSS: 0.00292
Exploits: 1 · References: 2

Positive Technologies
added 2022/07/14 12:0 a.m. · 5 views

PT-2022-12371 · Sage · Sage 300 Erp

Name of the Vulnerable Software and Affected Versions: Sage 300 ERP versions through 6.8.x Description: The installer configures the C:\Sage\Sage300\Runtime directory to be the first entry in the system-wide PATH environment variable. However, this directory is writable by unprivileged users because...

CVSS: 7.8 · AI score: 7.8 · EPSS: 0.00292
Exploits: 1 · References: 5

ATTACKERKB
added 2022/07/13 7:15 p.m. · 3 views

CVE-2022-20238

'remap_pfn_range' here may map out of size kernel memory for example, may map the kernel area, and because the 'vma->vm_page_prot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploited Product: Android Versions: Android SoC Android ID:...

CVSS: 10 · AI score: 7.2 · EPSS: 0.00464
Exploits: 0 · References: 2

NVD
added 2022/07/13 7:15 p.m. · 12 views

CVE-2022-20238

'remap_pfn_range' here may map out of size kernel memory for example, may map the kernel area, and because the 'vma->vm_page_prot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploited Product: Android Versions: Android SoC Android ID:...

CVSS: 10 · EPSS: 0.00464
Exploits: 0 · References: 1

Cvelist
added 2022/07/13 6:23 p.m. · 16 views

CVE-2022-20238

'remap_pfn_range' here may map out of size kernel memory for example, may map the kernel area, and because the 'vma->vm_page_prot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploited Product: Android Versions: Android SoC Android ID:...

AI score: 9.1 · EPSS: 0.00464
Exploits: 0 · References: 1

OSV
added 2022/07/01 12:0 a.m. · 6 views

ASB-A-233154555

'remap_pfn_range' here may map out of size kernel memory for example, may map the kernel area, and because the 'vma->vm_page_prot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploited...

CVSS: 10 · AI score: 7 · EPSS: 0.00464
Exploits: 0 · References: 1

NVD
added 2022/06/30 9:15 p.m. · 22 views

CVE-2014-0068

It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log/watchman.ouput with world writable permission...

CVSS: 5.5 · EPSS: 0.00223
Exploits: 0 · References: 1

Cvelist
added 2022/06/30 8:34 p.m. · 21 views

CVE-2014-0068

It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log/watchman.ouput with world writable permission...

AI score: 5.6 · EPSS: 0.00223
Exploits: 0 · References: 1

CNNVD
added 2022/06/30 12:0 a.m. · 2 views

Red Hat openshift node-utils Security Vulnerability

Red Hat openshift node-utils is a cloud application Platform-as-a-Service PaaS package from Red Hat, Inc. A security vulnerability exists in Red Hat openshift node-utils, which originates when watchman creates /var/run/watchman.pid and /var/log/watchman.ouput with global writable privileges...

CVSS: 5.5 · AI score: 5.8 · EPSS: 0.00223
Exploits: 0 · References: 2

Snyk
added 2022/06/16 2:26 p.m. · 2 views

Insecure Permissions

Overview Affected versions of this package are vulnerable to Insecure Permissions due to the gem file containing world-writeable files. This means everyone who is not the owner Group and Public with access to the instance where this release had been installed could modify the world-writable files...

CVSS: 3.3 · AI score: 6.8 · EPSS: 0.00251
Exploits: 0 · References: 2

Snyk
added 2022/06/16 2:17 p.m. · 2 views

Insecure Permissions

Overview octopoller is a micro gem for polling and retrying, perfect for making repeating requests. Affected versions of this package are vulnerable to Insecure Permissions due to the gem file containing world-writable files, this means everyone who is not the owner Group and Public with access t...

CVSS: 3.3 · AI score: 6.8 · EPSS: 0.00214
Exploits: 0 · References: 2

Veracode
added 2022/06/16 9:6 a.m. · 15 views

Improper Access Control

octopoller is vulnerable to improper access control. The vulnerability exists because the files are given with world-writable permission without proper validations which allows a malicious attacker to modify files and change the existing behavior...

CVSS: 3.3 · AI score: 4.4 · EPSS: 0.00214
Exploits: 0 · References: 3 · Affected Software: 1

UbuntuCve
added 2022/06/15 11:15 p.m. · 24 views

CVE-2022-31072

Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is...

CVSS: 3.3 · AI score: 5.8 · EPSS: 0.00251
Exploits: 0 · References: 3