CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5536
https://notcve.org/view.php?id=CVE-2023-5536
12 Dec 2023 — A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password. Una característica en LXD (LP#1829071) afecta la configuración predeterminada de Ubuntu Server que permite a los usuarios privilegiados del grupo lxd escalar su privilegio a root sin requerir una contraseña sudo. • https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1829071 • CWE-276: Incorrect Default Permissions •
CVSS: 8.8EPSS: 24%CPEs: 3EXPL: 1CVE-2021-3492 – Ubuntu linux kernel shiftfs file system double free vulnerability
https://notcve.org/view.php?id=CVE-2021-3492
16 Apr 2021 — Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (kernel memory exhaustion) or gain privileges via executing arbitrary code. AKA ZDI-CAN-13562. Shiftfs, un sistema de archivos de apilamiento fuera del árbol incluido en los kernels de Ubuntu Linux, no manejaba aprop... • https://github.com/synacktiv/CVE-2021-3492 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-415: Double Free •
CVSS: 8.8EPSS: 72%CPEs: 3EXPL: 18CVE-2021-3493 – Linux Kernel Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-3493
16 Apr 2021 — The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges. La implementación de overlayfs en el kernel de Linux no comprobó apropiadamente con respecto a los espacios de nombre de los usuarios, l... • https://packetstorm.news/files/id/162866 • CWE-270: Privilege Context Switching Error CWE-863: Incorrect Authorization •
CVSS: 4.1EPSS: 0%CPEs: 8EXPL: 0CVE-2018-2773 – mysql: pid file can be created in a world-writeable directory (CPU Apr 2018)
https://notcve.org/view.php?id=CVE-2018-2773
19 Apr 2018 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 B... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html •
CVSS: 9.3EPSS: 16%CPEs: 2EXPL: 3CVE-2016-9949 – Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution
https://notcve.org/view.php?id=CVE-2016-9949
15 Dec 2016 — An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code. Un problema fue descubierto en Apport en versiones anteriores a 2.20.4. En apport/ui.py, Apport lee el campo CashDB y después evalúa el campo como código Python si comienza con un "{". • https://packetstorm.news/files/id/140207 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 2%CPEs: 2EXPL: 3CVE-2016-9950 – Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution
https://notcve.org/view.php?id=CVE-2016-9950
15 Dec 2016 — An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory. An attacker can exploit this path traversal to execute arbitrary Python files from the local system. Un problema fue descubierto en Apport en versiones anteriores a 2.20.4. • https://packetstorm.news/files/id/140207 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 90%CPEs: 2EXPL: 12CVE-2015-1328 – Linux Kernel (Ubuntu / Fedora / RedHat) - 'Overlayfs' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-1328
15 Jun 2015 — The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace. La implementación de overlayfs en el paquete linux (también conocido como kernel Linux) en versiones anteriores a 3.19.0-21.21 en Ubuntu hasta la versión 15.04 no compr... • https://packetstorm.news/files/id/132334 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.4EPSS: 0%CPEs: 10EXPL: 0CVE-2011-3152
https://notcve.org/view.php?id=CVE-2011-3152
27 Apr 2014 — DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 on Ubuntu 8.04 through 11.10 does not verify the GPG signature before extracting an upgrade tarball, which allows man-in-the-middle attackers to (1) create or overwrite arbitrary files via a directory traversal attack using a crafted tar file, or (2) bypass authentication via a crafted meta-release file. Dist... • http://secunia.com/advisories/47024 • CWE-310: Cryptographic Issues •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2011-3154
https://notcve.org/view.php?id=CVE-2011-3154
17 Apr 2014 — DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 does not properly create temporary files, which allows local users to obtain the XAUTHORITY file content for a user via a symlink attack on the temporary file. DistUpgrade/DistUpgradeViewKDE.py en Update Manager anterior a 1:0.87.31.1, 1:0.134.x anterior a 1:0.134.11.1, 1:0.142.x anterior a 1:0.142.23.1, 1:0.150.... • http://secunia.com/advisories/47024 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2011-3628
https://notcve.org/view.php?id=CVE-2011-3628
15 Apr 2014 — Untrusted search path vulnerability in pam_motd (aka the MOTD module) in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before 0.99.7.1-5ubuntu6.5 on Ubuntu 8.04 LTS, when using certain configurations such as "session optional pam_motd.so", allows local users to gain privileges by modifying the PATH environment variable to reference a malicious command, as demonstrated ... • http://www.ubuntu.com/usn/USN-1237-1 •