unprivileged vulnerabilities and exploits

(subscribe to this query)

Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be ...

Linux Linux Kernel Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 20.04

A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local malicious user to inject unauthorized commands. This vulnerability is due ...

Cisco Ucs Central Software Cisco Ucs 6536 Firmware -Cisco Ucs 64108 Firmware -Cisco Ucs 6454 Firmware -Cisco Ucs 6200 Firmware -Cisco Ucs 6248up Firmware -Cisco Ucs 6296up Firmware -Cisco Ucs 6300 Firmware -Cisco Ucs 6324 Firmware -Cisco Ucs 6332 Firmware -Cisco Ucs 6332-16up Firmware -Cisco Firepower Extensible Operating System -

The dccscan setuid program in LPPlus does not properly check if the user has the permissions to print the file that is specified to dccscan, which allows local users to print arbitrary files.

Plus Technologies Lpplus 3.2.2 Plus Technologies Lpplus 3.3

1 EDB exploit

The RBAC implementation in Cisco Identity Services Engine (ISE) Software does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to th...

Cisco Identity Services Engine Software -

Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 allows local users to bypass intended access restrictions for the GPU and gain privileges via unknown vectors.

Nvidia Gpu Driver 304.00 Nvidia Gpu Driver 310.00 Nvidia Gpu Driver 319.00 Nvidia Gpu Driver 325.00 Nvidia Gpu Driver 331.00 Apple Mac Os X 10.9.1

The RBAC implementation in Cisco Secure Access Control System (ACS) does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the use...

Cisco Secure Access Control System -

check_smart prior to 6.9.1 allows unintended drive access by an unprivileged user because it only checks for a substring match of a device path (the /dev/bus substring and a number), aka an unanchored regular expression.

Check Smart Project Check Smart

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Shared Folder). Supported versions that are affected are before 5.0.38 and before 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infr...

Oracle Vm Virtualbox

1 EDB exploit

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are before 5.0.38 and before 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructur...

Oracle Vm Virtualbox

1 EDB exploit

Unspecified vulnerability in the Application Express component in Oracle Database 11.1.0.7 allows remote authenticated users to affect confidentiality, related to APEX. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable resea...

Oracle Database 11g 11.1.0.7

1 EDB exploit

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook