lxc vulnerabilities and exploits

10
CVSSv2
CVE-2019-7304

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1....

CanonicalUbuntu Linux
9.3
CVSSv2
CVE-2017-8570

Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243....

MicrosoftOffice
7.5
CVSSv2
CVE-2015-0231

Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper...

Php
7.5
CVSSv2
CVE-2014-8142

Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper...

Php
NA
CVE-2019-5786

Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in FileReader. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system....

7.2
CVSSv2
CVE-2019-9729

In Shanda MapleStory Online V160, the SdoKeyCrypt.sys driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating the IOCtl 0x8000c01c input value, leading to an integer signedness error and a heap-based buffer underflow....

ShandaMaplestory Online
NA
CVE-2013-1752

Python is updated to address multiple security issues....

NA
CVE-2014-4650

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below. From SUSE_CVE-2014-4650: This CVE is addressed in the SUSE advisories SUSE-SU-2014:0997-1, SUSE-SU-2014:0998-1,...

NA
CVE-2013-1753

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below. From ALAS-2015-552: It was discovered that multiple Python standard library modules implementing network protocols (such...

NA
CVE-2014-8178

Oracle Linux Security Advisory ELSA-2015-3085 linux.oracle.com/errata/ELSA-2015-3085.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux...