SUSE CVE-2008-7002

PHP 5.2.5 does not enforce a openbasedir and b safemodeexecdir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the 1 exec, 2 system, 3 shellexec, 4 passthru, or 5 popen functions,...

SUSE CVE-2010-0307

The loadelfbinary function in fs/binfmtelf.c in the Linux kernel before 2.6.32.8 on the x8664 platform does not ensure that the ELF interpreter is available before a call to the SETPERSONALITY macro, which allows local users to cause a denial of service system crash via a 32-bit application that...

SUSE CVE-2010-3858

The setupargpages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIGSTACKGROWSDOWN is used, does not properly restrict the stack memory consumption of the 1 arguments and 2 environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of...

SUSE CVE-2010-4243

fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM Killer to assess use of stack memory by arrays representing the 1 arguments and 2 environment, which allows local users to cause a denial of service memory consumption via a crafted exec system call, aka an "OOM dodging issue," a...

SUSE CVE-2011-0999

mm/hugememory.c in the Linux kernel before 2.6.38-rc5 does not prevent creation of a transparent huge page THP during the existence of a temporary stack for an exec system call, which allows local users to cause a denial of service memory consumption or possibly have unspecified other impact via ...

SUSE CVE-2012-0028

The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process...

SUSE CVE-2013-0914

The flushsignalhandlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sarestorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call...

SUSE CVE-2014-3956

The smcloseonexec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FDCLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program...

SUSE CVE-2016-5828

The startthread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service invalid process state or TM Bad Thing exception, and system crash or possibly have unspecified oth...

SUSE CVE-2016-9962

RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or...

SUSE CVE-2017-8114

Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin...

SUSE CVE-2018-1071

zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd function. A local attacker could exploit this to cause a denial of service...

SUSE CVE-2018-12035

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yrexecutecode in libyara/exec.c...

SUSE CVE-2018-12615

An issue was discovered in switchGroup in agent/ExecHelper/ExecHelperMain.cpp in Phusion Passenger before 5.3.2. The set of groups gidset is not set correctly, leaving it up to randomness i.e., uninitialized memory which supplementary groups are actually being set while lowering privileges...

SUSE CVE-2018-16510

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecified other impact...

SUSE CVE-2019-5736

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary and consequently obtain host root access by leveraging the ability to execute a command as root within one of these types of containers: 1 a new container with an...

SUSE CVE-2019-10026

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec in Function.cc for the psOpRoll case...

SUSE CVE-2020-12826

A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because execid in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a donotifyparent protection mechanism. A child process can send an arbitrary signal to a parent...

SUSE CVE-2020-28012

Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because rdainterpret uses a privileged pipe that lacks a close-on-exec flag...

SUSE CVE-2021-21381

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In Flatpack since version 0.9.4 and before version 1.10.2 has a vulnerability in the "file forwarding" feature which can be used by an attacker to gain access to files that would not ordinarily be...