kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows local users to gain privileges by opening a. Rated low severity (CVSS 3.7). Public exploit code available and no vendor patch available.
Privilege Escalation
Linux
Linux Kernel
NVD
Exploit-DB
GitHub
CVSS 2.0
3.7
EPSS
1.4%
The web-based file-restore interface in EMC Avamar Server before 6.1.0 allows remote authenticated users to read arbitrary files via a crafted URL. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.
Information Disclosure
Avamar
NVD
CVSS 2.0
3.5
EPSS
0.2%