CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-34292
https://notcve.org/view.php?id=CVE-2022-34292
27 Apr 2023 — Docker Desktop for Windows before 4.6.0 allows attackers to overwrite any file through a symlink attack on the hyperv/create dockerBackendV2 API by controlling the DataFolder parameter for DockerDesktop.vhdx, a similar issue to CVE-2022-31647. • https://docs.docker.com/desktop/release-notes/#docker-desktop-460 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-37326
https://notcve.org/view.php?id=CVE-2022-37326
27 Apr 2023 — Docker Desktop for Windows before 4.6.0 allows attackers to delete (or create) any file through the dockerBackendV2 windowscontainers/start API by controlling the pidfile field inside the DaemonJSON field in the WindowsContainerStartRequest class. This can indirectly lead to privilege escalation. • https://docs.docker.com/desktop/release-notes/#docker-desktop-460 • CWE-863: Incorrect Authorization •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38730
https://notcve.org/view.php?id=CVE-2022-38730
27 Apr 2023 — Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the windowscontainers/start dockerBackendV2 API by controlling the data-root field inside the DaemonJSON field in the WindowsContainerStartRequest class. This allows exploiting a symlink vulnerability in ..\dataRoot\network\files\local-kv.db because of a TOCTOU race condition. • https://docs.docker.com/desktop/release-notes/#docker-desktop-460 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-1802 – In Docker Desktop 4.17.x the Artifactory Integration falls back to sending registry credentials over plain HTTP if the HTTPS health check has failed
https://notcve.org/view.php?id=CVE-2023-1802
06 Apr 2023 — In Docker Desktop 4.17.x the Artifactory Integration falls back to sending registry credentials over plain HTTP if the HTTPS health check has failed. A targeted network sniffing attack can lead to a disclosure of sensitive information. Only users who have Access Experimental Features enabled and have logged in to a private registry are affected. In Docker Desktop 4.17.x the Artifactory Integration falls back to sending registry credentials over plain HTTP if the HTTPS health check has failed. A targeted net... • https://docs.docker.com/desktop/release-notes/#4180 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-29000 – Nextcloud Desktop client does not verify received singed certificate in end-to-end encryption
https://notcve.org/view.php?id=CVE-2023-29000
04 Apr 2023 — The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.7.0, by trusting that the server will return a certificate that belongs to the keypair of the user, a malicious server could get the desktop client to encrypt files with a key known to the attacker. This issue is fixed in Nextcloud Desktop 3.7.0. No known workarounds are available. • https://github.com/nextcloud/desktop/pull/4949 • CWE-295: Improper Certificate Validation •
CVSS: 8.0EPSS: 0%CPEs: 3EXPL: 1CVE-2023-28999 – Nextcloud: Lack of authenticity of metadata keys allows a malicious server to gain access to E2EE folders
https://notcve.org/view.php?id=CVE-2023-28999
04 Apr 2023 — Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud Android app 3.13.0 until 3.25.0, and Nextcloud iOS app 3.0.5 until 4.8.0, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure and add new files. This issue is fixed in Nextcloud Desktop 3.8.0, Nextcloud Android 3.25.0, and Nextcloud iOS 4.8.0. No known workarounds are available. • https://ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/appliedcrypto/education/theses/report_DanieleCoppola.pdf • CWE-311: Missing Encryption of Sensitive Data CWE-325: Missing Cryptographic Step •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 1CVE-2023-28998 – Nextcloud Desktop client misbehaves with E2EE when the server returns empty list of metadata keys
https://notcve.org/view.php?id=CVE-2023-28998
04 Apr 2023 — The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure, and add new files. Users should upgrade the Nextcloud Desktop client to 3.6.5 to receive a patch. No known workarounds are available. • https://ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/appliedcrypto/education/theses/report_DanieleCoppola.pdf • CWE-325: Missing Cryptographic Step •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 1CVE-2023-28997 – Nextcloud Desktop: Initialization vector reuse in E2EE allows malicious server admin to break, manipulate, access files
https://notcve.org/view.php?id=CVE-2023-28997
04 Apr 2023 — The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can recover and modify the contents of end-to-end encrypted files. Users should upgrade the Nextcloud Desktop client to 3.6.5 to receive a patch. No known workarounds are available. • https://ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/appliedcrypto/education/theses/report_DanieleCoppola.pdf • CWE-323: Reusing a Nonce, Key Pair in Encryption •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27327 – Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-27327
07 Mar 2023 — Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper locking when performing operations on an object. • https://github.com/kn32/parallels-plist-escape • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27328 – Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-27328
07 Mar 2023 — Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied string before using it to construct an XML docum... • https://kb.parallels.com/125013 • CWE-91: XML Injection (aka Blind XPath Injection) •