CVE-2020-25717
- EPSS 1.61%
- Veröffentlicht 18.02.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:18:33
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
- EPSS 1.67%
- Veröffentlicht 18.02.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:18:34
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and a...
CVE-2020-25722
- EPSS 1.61%
- Veröffentlicht 18.02.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:18:34
Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise.
CVE-2021-3155
- EPSS 0.26%
- Veröffentlicht 17.02.2022 23:15:07
- Zuletzt bearbeitet 21.11.2024 06:21:00
snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions. This could allow a local attacker to read information that should have been private. Fixed in snapd versions 2.54.3+18.04, 2.54.3+...
CVE-2021-44730
- EPSS 0.35%
- Veröffentlicht 17.02.2022 23:15:07
- Zuletzt bearbeitet 21.11.2024 06:31:28
snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in ...
CVE-2021-44731
- EPSS 0.95%
- Veröffentlicht 17.02.2022 23:15:07
- Zuletzt bearbeitet 21.11.2024 06:31:28
A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namesp...
CVE-2021-4120
- EPSS 0.44%
- Veröffentlicht 17.02.2022 23:15:07
- Zuletzt bearbeitet 21.11.2024 06:36:56
snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape stri...
CVE-2021-3560
- EPSS 22.19%
- Veröffentlicht 16.02.2022 19:15:08
- Zuletzt bearbeitet 06.11.2025 14:50:43
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new loc...
CVE-2021-45079
- EPSS 2.76%
- Veröffentlicht 31.01.2022 08:15:07
- Zuletzt bearbeitet 21.11.2024 06:31:54
In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without serv...
- EPSS 94.92%
- Veröffentlicht 28.01.2022 20:15:12
- Zuletzt bearbeitet 06.11.2025 14:50:26
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pk...