CVE-2024-48990.zip
3.3 KB
CVE-2024-48990
Author: o-sec
Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
GitHub Link:
https://github.com/o-sec/CVE-2024-48990
CVE-2017-0144.zip
152.5 KB
CVE-2017-0144
Author: Mitsu-bis
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
GitHub Link:
https://github.com/Mitsu-bis/Eternal-Blue-CVE-2017-0144-THM-Write-Up
CVE-2022-0492
Author: smallcat9612
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
GitHub Link:
https://github.com/smallcat9612/CVE-2022-0492-Docker-Breakout-Checker-and-PoC