koharin

13 exploits Active since Mar 2020
CVE-2020-0041 NOMISEC HIGH WORKING POC
Android - Privilege Escalation
In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145988638References: Upstream kernel
CVSS 7.8
CVE-2020-35184 WRITEUP CRITICAL WRITEUP
Composer Docker <1.8.3 - Privilege Escalation
The official composer docker images before 1.8.3 contain a blank password for a root user. System using the composer docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-35185 WRITEUP CRITICAL WRITEUP
Ghost Docker <2.16.1-alpine - Privilege Escalation
The official ghost docker images before 2.16.1-alpine (Alpine specific) contain a blank password for a root user. System using the ghost docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-35186 WRITEUP CRITICAL WRITEUP
Adminer Docker <4.7.0-fastcgi - Privilege Escalation
The official adminer docker images before 4.7.0-fastcgi contain a blank password for a root user. System using the adminer docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-35187 WRITEUP CRITICAL WRITEUP
Telegraf Docker <1.9.4-alpine - Privilege Escalation
The official telegraf docker images before 1.9.4-alpine (Alpine specific) contain a blank password for a root user. System using the telegraf docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-35189 WRITEUP CRITICAL WRITEUP
Kong Docker <1.0.2-alpine - Privilege Escalation
The official kong docker images before 1.0.2-alpine (Alpine specific) contain a blank password for a root user. System using the kong docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-35190 WRITEUP CRITICAL WRITEUP
plone Docker <4.3.18-alpine - Privilege Escalation
The official plone Docker images before version of 4.3.18-alpine (Alpine specific) contain a blank password for a root user. System using the plone docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-35192 WRITEUP CRITICAL WRITEUP
Vault Docker <0.11.6 - Privilege Escalation
The official vault docker images before 0.11.6 contain a blank password for a root user. System using the vault docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-35193 WRITEUP CRITICAL WRITEUP
SonarQube Docker <alpine - Privilege Escalation
The official sonarqube docker images before alpine (Alpine specific) contain a blank password for a root user. System using the sonarqube docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-35195 WRITEUP CRITICAL WRITEUP
Haproxy Docker <1.8.18-alpine - Privilege Escalation
The official haproxy docker images before 1.8.18-alpine (Alpine specific) contain a blank password for a root user. System using the haproxy docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-35196 WRITEUP CRITICAL WRITEUP
RabbitMQ Docker Image < 3.7.13-beta.1-management-alpine - Blank Root Password
The official rabbitmq docker images before 3.7.13-beta.1-management-alpine (Alpine specific) contain a blank password for a root user. System using the rabbitmq docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-35197 WRITEUP CRITICAL WRITEUP
Memcached Docker <1.5.11-alpine - Privilege Escalation
The official memcached docker images before 1.5.11-alpine (Alpine specific) contain a blank password for a root user. System using the memcached docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2025-54564 WRITEUP HIGH WRITEUP
ChargePoint Home Flex <5.5.4.13 - Command Injection
uploadsm in ChargePoint Home Flex 5.5.4.13 does not validate a user-controlled string for bz2 decompression, which allows command execution as the nobody user.
CVSS 7.8