Lucene search
K

2835 matches found

Metasploit
Metasploit
added 2022/03/03 5:42 p.m.868 views

Local Privilege Escalation in polkits pkexec

A bug exists in the polkit pkexec binary in how it processes arguments. If the binary is provided with no arguments, it will continue to process environment variables as argument variables, but without any security checking. By using the execve call we can specify a null argument list and populat...

7.8CVSS7.1AI score0.94921EPSS
Exploits151
OSV
OSV
added 2022/02/25 11:15 a.m.2 views

DEBIAN-CVE-2022-25326

fscrypt through v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust filesystem space. We recommend upgrading to fscrypt 0.3.3 or above and adjusting the permissions on existing fscrypt metadata directories where applicable...

5.5CVSS5.6AI score0.00129EPSS
Exploits0References1
OSV
OSV
added 2022/02/25 11:15 a.m.24 views

CVE-2022-25326

fscrypt through v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust filesystem space. We recommend upgrading to fscrypt 0.3.3 or above and adjusting the permissions on existing fscrypt metadata directories where applicable...

5.5CVSS5.4AI score
Exploits0References1
Prion
Prion
added 2022/02/25 11:15 a.m.14 views

Design/Logic Flaw

fscrypt through v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust filesystem space. We recommend upgrading to fscrypt 0.3.3 or above and adjusting the permissions on existing fscrypt metadata directories where applicable...

2.1CVSS5.3AI score0.00129EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/02/25 11:15 a.m.1 views

UBUNTU-CVE-2022-25326

fscrypt through v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust filesystem space. We recommend upgrading to fscrypt 0.3.3 or above and adjusting the permissions on existing fscrypt metadata directories where applicable...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/02/25 11:0 a.m.5 views

CVE-2022-25326 Denial of Service in fscrypt

fscrypt through v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust filesystem space. We recommend upgrading to fscrypt 0.3.3 or above and adjusting the permissions on existing fscrypt metadata directories where applicable...

5.5CVSS5.3AI score0.00129EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/02/25 12:0 a.m.2 views

PT-2022-17214 · Fscrypt +1 · Fscrypt +1

Name of the Vulnerable Software and Affected Versions: fscrypt versions through 0.3.2 Description: The issue allows unprivileged users to exhaust filesystem space due to a world-writable directory created by default when setting up a filesystem. Recommendations: For fscrypt versions through 0.3.2...

7.3CVSS5.7AI score0.00199EPSS
Exploits0References24
ATTACKERKB
ATTACKERKB
added 2022/02/24 3:15 a.m.5 views

CVE-2022-24679

A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create an writable folder i...

7.8CVSS7.4AI score0.00469EPSS
Exploits0References4
OSV
OSV
added 2022/02/24 3:15 a.m.4 views

CVE-2022-24679

A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create an writable folder i...

7.8CVSS6.1AI score0.00469EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/02/24 2:45 a.m.23 views

CVE-2022-24679

A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create an writable folder i...

8.2AI score0.00469EPSS
Exploits0References3
OSV
OSV
added 2022/02/15 12:40 a.m.27 views

GHSA-WXJ3-QWV4-CVFM Privilege Escalation in Docker

Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors...

8.4CVSS8.2AI score0.00393EPSS
Exploits1References6
OSV
OSV
added 2022/02/01 12:0 a.m.5 views

UBUNTU-CVE-2021-3996

A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves like /tmp or mounted in a...

5.5CVSS6.2AI score0.00634EPSS
Exploits3References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.24 views

Mageia: Security Advisory (MGASA-2013-0358)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS9.6AI score0.00623EPSS
Exploits5References4
RedHat Linux
RedHat Linux
added 2022/01/24 1:3 p.m.3 views

OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

5.3CVSS7.4AI score0.02841EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/01/24 1:2 p.m.3 views

OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

5.3CVSS7.4AI score0.02841EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/01/24 11:39 a.m.3 views

OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

5.3CVSS7.4AI score0.02841EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/01/24 10:22 a.m.3 views

OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

5.3CVSS7.4AI score0.02841EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/01/24 9:49 a.m.8 views

OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

5.3CVSS7.4AI score0.02841EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/01/24 9:46 a.m.2 views

OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

5.3CVSS7.4AI score0.02841EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/01/24 9:24 a.m.3 views

OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

5.3CVSS7.4AI score0.02841EPSS
Exploits0References4
Rows per page
Query Builder