Pax
by Pax Project
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-0257 | Hig | 0.54 | 7.8 | 0.01 | Jan 16, 2007 | Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function,… | ||
| CVE-2019-5023 | 0.00 | — | 0.01 | Oct 31, 2019 | An exploitable vulnerability exists in the grsecurity PaX patch for the function read_kmem, in PaX from version pax-linux-4.9.8-test1 to 4.9.24-test7, grsecurity official from version grsecurity-3.1-4.9.8-201702060653 to grsecurity-3.1-4.9.24-201704252333, grsecurity unofficial… | |||
| CVE-2015-1194 | 0.00 | — | 0.02 | Jan 21, 2015 | pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an archive. | |||
| CVE-2015-1193 | 0.00 | — | 0.02 | Jan 21, 2015 | Multiple directory traversal vulnerabilities in pax 1:20140703 allow remote attackers to write to arbitrary files via a (1) full pathname or (2) .. (dot dot) in an archive. |
- risk 0.54cvss 7.8epss 0.01
Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function,…
- CVE-2019-5023Oct 31, 2019risk 0.00cvss —epss 0.01
An exploitable vulnerability exists in the grsecurity PaX patch for the function read_kmem, in PaX from version pax-linux-4.9.8-test1 to 4.9.24-test7, grsecurity official from version grsecurity-3.1-4.9.8-201702060653 to grsecurity-3.1-4.9.24-201704252333, grsecurity unofficial…
- CVE-2015-1194Jan 21, 2015risk 0.00cvss —epss 0.02
pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
- CVE-2015-1193Jan 21, 2015risk 0.00cvss —epss 0.02
Multiple directory traversal vulnerabilities in pax 1:20140703 allow remote attackers to write to arbitrary files via a (1) full pathname or (2) .. (dot dot) in an archive.