Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. The fix was applied to Nix 2.30.1.
Nix is a package manager for Linux and other Unix systems. A bug in the fix for CVE-2024-27297 allowed for arbitrary overwrites of files writable by the Nix process orchestrating the builds (typically
Nix is a package manager for Linux and other Unix systems. On macOS, built-in builders (such as `builtin:fetchurl`, exposed to users with `import `) were not executed in the macOS sa
Nix is a package manager for Linux and other Unix systems. A bug in Nix 2.24 prior to 2.24.6 allows a substituter or malicious user to craft a NAR that, when unpacked by Nix, causes Nix to write to ar
The Nix, Lix, and Guix package managers allow a bypass of build isolation in which a user can elevate their privileges to the build user account (e.g., nixbld or guixbuild). This affects Nix through 2
A race condition in the Nix, Lix, and Guix package managers enables changing the ownership of arbitrary files to the UID and GID of the build user (e.g., nixbld* or guixbuild*). This affects Nix befor
Nix is a package manager for Linux and other Unix systems. Starting in version 1.11 and prior to versions 2.18.8 and 2.24.8, `` did not verify TLS certificates on HTTPS connections.
The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users to deceive the package manager into usi
The Nix, Lix, and Guix package managers fail to properly set permissions when a derivation build fails. This may allow arbitrary processes to modify the content of a store outside of the build sandbox
An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR (Nix Archive) parser could lead to a stack-to-heap overflow when the parser is run on a coroutine sta
An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory traversal. The fixed versions are 2.3
A race condition in the Nix, Lix, and Guix package managers allows the removal of content from arbitrary folders. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2
Hydra is a Continuous Integration service for Nix based projects. Evaluation of untrusted non-flake nix code could potentially access secrets that are accessible by the hydra user/group. This should n
Hydra is a Continuous Integration service for Nix based projects. It is possible to trigger evaluations in Hydra without any authentication. Depending on the size of evaluations, this can impact the a
https://www.gnu.org/software/binutils/ nm >=2.43 is affected by: Incorrect Access Control. The type of exploitation is: local. The component is: `nm --without-symbol-version` function.
pnpm is a package manager. Prior to version 10.28.2, when pnpm processes a package's `directories.bin` field, it uses `path.join()` without validating the result stays within the package root. A malic
An issue was discovered in WithSecure Elements Agent through 23.x for macOS, WithSecure Elements Client Security through 23.x for macOS, and WithSecure MDR through 23.x for macOS. Local Privilege Esca
sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with limited sudo privileges (e.g. execution of a single command) can list sudo privileges of othe
CVE-2024-34331
CRITICAL CVSS 9.8
Find Similar
A lack of code signature verification in Parallels Desktop for Mac v19.3.0 and below allows attackers to escalate privileges via a crafted macOS installer, because Parallels Service is setuid root.
Anaconda3 macOS installers before 2024.06-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During installation, world-writable files are created a
Page 1+ Next →