runc vulnerabilities and exploits

6.5
MEDIUM
CVE-2019-3921

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to /GponForm/usb_Form?script/. An attacker can leverage this vulnerability to potentially...

NokiaI-240w-q Gpon Ont Firmware
NA
CVE-2019-5376

Exploit for CVE-2019-5736 Version 1 (inspired by original idea DragonSector) use a malicious.so(which used by runc) with malicious entry point (like #!/proc/self/exe) to hijack the execution of runc, and then open '/proc/self/exe' to hold the file descriptor. Then...

10
HIGH
CVE-2018-15982

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution....

NA
CVE-2018-4338

Apple iOS could allow a local attacker to obtain sensitive information, caused by the improper validation of input in the Wi-Fi component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to read restricted memory....

NA
CVE-2016-5346

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security update to Nexus devices through an over-the-air (OTA) update. The Google device firmware images have also been released to...

NA
CVE-2018-9411

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2018-07-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android...

NA
CVE-2018-13452

ProjectSend version R1053 suffers from a remote SQL injection vulnerability....

NA
CVE-2018-13149

Awesome CVE PoC A curated list of CVE PoCs. Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security. Please read the contribution guidelines before contributing. This repo is full of...

NA
CVE-2017-5123

Impact: Important Public Date: 2017-10-12 CWE: CWE-391 Bugzilla: ...

NA
CVE-2017-11859

Awesome CVE PoC A curated list of CVE PoCs. Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security. Please read the contribution guidelines before contributing. This repo is full of...