Skip to main content

Setroubleshoot

5 CVEs product

Monthly

CVE-2016-4989 HIGH PATCH This Week

setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by. Rated high severity (CVSS 7.0). This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection Setroubleshoot Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Server +1
NVD GitHub
CVSS 3.0
7.0
EPSS
0.0%
CVE-2016-4446 HIGH POC PATCH This Week

The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput. Rated high severity (CVSS 7.0). Public exploit code available.

Command Injection Setroubleshoot Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Server +1
NVD GitHub
CVSS 3.0
7.0
EPSS
0.1%
CVE-2016-4445 HIGH POC PATCH This Week

The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to. Rated high severity (CVSS 7.0). Public exploit code available.

Command Injection Setroubleshoot Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Server +1
NVD GitHub
CVSS 3.0
7.0
EPSS
0.1%
CVE-2016-4444 HIGH POC PATCH This Week

The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the. Rated high severity (CVSS 7.0). Public exploit code available.

Command Injection Setroubleshoot Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Server +1
NVD GitHub
CVSS 3.0
7.0
EPSS
0.1%
CVE-2015-1815 CRITICAL POC THREAT Emergency

The get_rpm_nvr_by_file_path_temporary function in util.py in setroubleshoot before 3.2.22 allows remote attackers to execute arbitrary commands via shell metacharacters in a file name. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 36.5%.

Command Injection Setroubleshoot Fedora
NVD GitHub Exploit-DB
CVSS 2.0
10.0
EPSS
36.5%
Threat
4.6
EPSS 0% CVSS 7.0
HIGH PATCH This Week

setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by. Rated high severity (CVSS 7.0). This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection Setroubleshoot Enterprise Linux Desktop +3
NVD GitHub
EPSS 0% CVSS 7.0
HIGH POC PATCH This Week

The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput. Rated high severity (CVSS 7.0). Public exploit code available.

Command Injection Setroubleshoot Enterprise Linux Desktop +3
NVD GitHub
EPSS 0% CVSS 7.0
HIGH POC PATCH This Week

The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to. Rated high severity (CVSS 7.0). Public exploit code available.

Command Injection Setroubleshoot Enterprise Linux Desktop +3
NVD GitHub
EPSS 0% CVSS 7.0
HIGH POC PATCH This Week

The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the. Rated high severity (CVSS 7.0). Public exploit code available.

Command Injection Setroubleshoot Enterprise Linux Desktop +3
NVD GitHub
EPSS 36% 4.6 CVSS 10.0
CRITICAL POC THREAT Emergency

The get_rpm_nvr_by_file_path_temporary function in util.py in setroubleshoot before 3.2.22 allows remote attackers to execute arbitrary commands via shell metacharacters in a file name. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 36.5%.

Command Injection Setroubleshoot Fedora
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy