2839 matches found

RedHat Linux
added 2022/01/24 10:22 a.m. · 3 views

OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

CVSS 5.3 · AI score 7.4 · EPSS 0.02896
Exploits: 0 · References: 4

RedHat Linux
added 2022/01/24 9:49 a.m. · 8 views

OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

CVSS 5.3 · AI score 7.4 · EPSS 0.02896
Exploits: 0 · References: 4

RedHat Linux
added 2022/01/24 9:46 a.m. · 2 views

OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

CVSS 5.3 · AI score 7.4 · EPSS 0.02896
Exploits: 0 · References: 4

RedHat Linux
added 2022/01/24 9:24 a.m. · 3 views

OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

CVSS 5.3 · AI score 7.4 · EPSS 0.02896
Exploits: 0 · References: 4

Positive Technologies
added 2022/01/24 12:0 a.m. · 7 views

PT-2022-1460 · Unknown +5 · Util-Linux +5

Name of the Vulnerable Software and Affected Versions: util-linux (affected versions not specified)
Description: A logic error was found in the libmount library of util-linux, allowing an unprivileged user to unmount a FUSE filesystem. This flaw enables a local user on a vulnerable system to unmoun...

CVSS 5.5 · AI score 5.8 · EPSS 0.34771
Exploits: 6 · References: 70

ATTACKERKB
added 2022/01/18 4:15 p.m. · 3 views

CVE-2022-23302

JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName...

CVSS 8.8 · AI score 7.6 · EPSS 0.81147
Exploits: 9 · References: 7 · Affected Software: 1

Github Security Blog
added 2022/01/06 11:53 p.m. · 36 views

Book page text, count, and author/title length is not limited in PocketMine-MP

Impact: Players can fill book pages with as many characters as they like; the server does not check this. In addition, the maximum of 50 pages is also not enforced, meaning that players can create "book bombs". This causes a variety of problems:
- Oversized NBT on the wire costing excess bandwidth...

AI score 1
Exploits: 0 · References: 2 · Affected Software: 1

Prion
added 2021/12/14 3:15 p.m. · 21 views

Input validation

Rapid7 Insight Agent, versions 3.0.1 to 3.1.2.34, suffer from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent versions 3.0.1 to 3.1.2.34 start, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally is...

CVSS 7.2 · AI score 7.5 · EPSS 0.00868
Exploits: 1 · References: 2 · Affected Software: 1

OSV
added 2021/12/14 12:15 p.m. · 9 views

DEBIAN-CVE-2021-4104

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in...

CVSS 7.5 · AI score 8.6 · EPSS 0.81147
Exploits: 9 · References: 1

OSV
added 2021/12/07 3:15 a.m. · 1 view

DEBIAN-CVE-2021-44512

World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory...

CVSS 7 · AI score 7 · EPSS 0.00254
Exploits: 0 · References: 1

NVD
added 2021/12/07 3:15 a.m. · 12 views

CVE-2021-44512

World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory...

CVSS 7 · EPSS 0.00254
Exploits: 0 · References: 2

OSV
added 2021/12/07 3:15 a.m. · 0 views

UBUNTU-CVE-2021-44512

World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory...

CVSS 7 · AI score 5.8 · EPSS 0.00254
Exploits: 0 · References: 5

UbuntuCve
added 2021/12/07 3:15 a.m. · 14 views

CVE-2021-44512

World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory...

CVSS 7 · AI score 7 · EPSS 0.00254
Exploits: 0 · References: 4

Debian CVE
added 2021/12/07 2:7 a.m. · 13 views

CVE-2021-44512

World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory...

CVSS 7 · AI score 6.7 · EPSS 0.00254
Exploits: 0

NVD
added 2021/12/06 4:15 a.m. · 16 views

CVE-2021-43040

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The privileged vaultServer could be leveraged to create arbitrary writable files, leading to privilege escalation...

CVSS 8.8 · EPSS 0.01769
Exploits: 1 · References: 3

OSV
added 2021/12/06 4:15 a.m. · 6 views

CVE-2021-43040

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The privileged vaultServer could be leveraged to create arbitrary writable files, leading to privilege escalation...

CVSS 8.8 · AI score 5.9 · EPSS 0.01769
Exploits: 1 · References: 3

OSV
added 2021/12/06 4:15 a.m. · 1 view

CVE-2021-43034

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A world writable file allowed local users to execute arbitrary code as the user apache, leading to privilege escalation...

CVSS 7.8 · AI score 6.1 · EPSS 0.00438
Exploits: 1 · References: 3

Prion
added 2021/12/06 4:15 a.m. · 11 views

Privilege escalation

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A world writable file allowed local users to execute arbitrary code as the user apache, leading to privilege escalation...

CVSS 4.6 · AI score 7.8 · EPSS 0.00438
Exploits: 1 · References: 3 · Affected Software: 1

Positive Technologies
added 2021/12/06 12:0 a.m. · 5 views

PT-2021-23723 · Kaseya · Kaseya Unitrends Backup Appliance

Name of the Vulnerable Software and Affected Versions: Kaseya Unitrends Backup Appliance versions prior to 10.5.5
Description: An issue was discovered in the Kaseya Unitrends Backup Appliance, where a world writable file allowed local users to execute arbitrary code as the user apache, leading to...

CVSS 7.8 · AI score 7.8 · EPSS 0.00438
Exploits: 1 · References: 7

CNNVD
added 2021/12/06 12:0 a.m. · 5 views

Unitrends Backup security vulnerability

Unitrends Backup is designed to eliminate data loss, ransomware and risk. An elevation of privilege vulnerability exists in versions of Unitrends Backup prior to 10.5.5, which originates from the creation of arbitrary writable files on a privileged vault server, and can be exploited by an attacke...

CVSS 8.8 · AI score 5.9 · EPSS 0.01769
Exploits: 1 · References: 4