CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 2CVE-2018-10906 – fusermount - user_allow_other Restriction Bypass and SELinux Label Control
https://notcve.org/view.php?id=CVE-2018-10906
24 Jul 2018 — In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects. En fuse, en v... • https://packetstorm.news/files/id/148749 • CWE-269: Improper Privilege Management CWE-285: Improper Authorization •
CVSS: 9.8EPSS: 89%CPEs: 70EXPL: 6CVE-2018-1270 – spring-framework: Possible RCE via spring messaging
https://notcve.org/view.php?id=CVE-2018-1270
06 Apr 2018 — Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. Spring Framework, en versiones 5.0 anteriores a la 5.0.5 y versiones 4.3 anteriores a la 4.3.15, así como versiones más antiguas no soportadas, permite ... • https://packetstorm.news/files/id/147974 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0CVE-2018-1199 – spring-framework: Improper URL path validation allows for bypassing of security checks on static resources
https://notcve.org/view.php?id=CVE-2018-1199
16 Mar 2018 — Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path par... • https://access.redhat.com/errata/RHSA-2018:2405 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 94%CPEs: 174EXPL: 2CVE-2017-5645 – log4j: Socket receiver deserialization vulnerability
https://notcve.org/view.php?id=CVE-2017-5645
17 Apr 2017 — In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. En Apache Log4j 2.x en versiones anteriores a 2.8.2, cuando se utiliza el servidor de socket TCP o el servidor de socket UDP para recibir sucesos de registro serializados de otra aplicación, puede enviarse una carga binaria especialmente diseñada que, cuando se des... • https://github.com/pimps/CVE-2017-5645 • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 94%CPEs: 4EXPL: 8CVE-2016-4437 – Apache Shiro Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-4437
03 Jun 2016 — Apache Shiro before 1.2.5, when a cipher key has not been configured for the "remember me" feature, allows remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter. Apache Shiro en versiones anteriores a 1.2.5, cuando una clave de cifrado no ha sido configurada por la característica "remember me", permite a atacantes remotos ejecutar código arbitrario o eludir las restricciones destinadas al acceso a través de un parámetro request no especificado... • https://packetstorm.news/files/id/157497 • CWE-287: Improper Authentication CWE-321: Use of Hard-coded Cryptographic Key •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-1233 – Debian Security Advisory 3451-1
https://notcve.org/view.php?id=CVE-2016-1233
22 Jan 2016 — An unspecified udev rule in the Debian fuse package in jessie before 2.9.3-15+deb8u2, in stretch before 2.9.5-1, and in sid before 2.9.5-1 sets world-writable permissions for the /dev/cuse character device, which allows local users to gain privileges via a character device in /dev, related to an ioctl. Una regla udev no especificada en el paquete fuse de Debian en jessie en versiones anteriores a 2.9.3-15+deb8u2, en stretch en versiones anteriores a 2.9.5-1 y en sid en versiones anteriores a 2.9.5-1 fija lo... • http://www.debian.org/security/2016/dsa-3451 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 4CVE-2015-3202 – Fuse 2.9.3-15 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-3202
21 May 2015 — fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature. fusermount en FUSE anterior a 2.9.3-15 no limpia correctamente el entorno antes de llamar a (1) mount o (2) umount como root, lo que permite a usuarios locales escribir en ficheros arbitrarios a través de una variable de entorno LIBMOUNT_MTAB ... • https://packetstorm.news/files/id/132021 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 0%CPEs: 33EXPL: 0CVE-2011-0541 – fuse: unprivileged user can unmount arbitrary locations via symlink attack
https://notcve.org/view.php?id=CVE-2011-0541
02 Sep 2011 — fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary directories via a symlink attack. Fuse v2.8.5 y anteriores no se comporta de forma adecuada cuando /etc/mtlab no puede ser actualizado, lo que permite a usuarios locales desmontar directorios de su elección a través de un ataque de enlaces simbólicos. • http://fuse.git.sourceforge.net/git/gitweb.cgi?p=fuse/fuse%3Ba=commit%3Bh=bf5ffb5fd8558bd799791834def431c0cee5a11f • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.1EPSS: 0%CPEs: 33EXPL: 0CVE-2011-0542 – fuse: unprivileged user can unmount arbitrary locations via symlink attack
https://notcve.org/view.php?id=CVE-2011-0542
02 Sep 2011 — fusermount in fuse 2.8.5 and earlier does not perform a chdir to / before performing a mount or umount, which allows local users to unmount arbitrary directories via unspecified vectors. Fusermount en Fuse v2.8.5 y anteriores no realizar un chdir a / después de realizar el montado o desmontado, lo que permite a usuarios locales desmontar directorios de su elección a través de vectores no especificados. • http://fuse.git.sourceforge.net/git/gitweb.cgi?p=fuse/fuse%3Ba=commit%3Bh=1e7607ff89c65b005f69e27aeb1649d624099873 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 33EXPL: 0CVE-2011-0543 – fuse: unprivileged user can unmount arbitrary locations via symlink attack
https://notcve.org/view.php?id=CVE-2011-0543
02 Sep 2011 — Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack. Cierta funcionalidad en Fusermount en fuse v2.8.5 y anteriores, cuando util-linux no es compatible con la opción --no-canonicalize, permite a usuarios locales eludir restricciones de acceso y desmontar directorios de su elección mediante un ataque de enlaces simból... • http://fuse.git.sourceforge.net/git/gitweb.cgi?p=fuse/fuse%3Ba=commit%3Bh=cbd3a2a84068aae6e3fe32939d88470d712dbf47 • CWE-264: Permissions, Privileges, and Access Controls •