CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

151 matches found

CVE•added 2017/09/05 6:0 p.m.•130 views

CVE-2017-14159

CVE-2017-14159 affects slapd in OpenLDAP 2.4.45 and earlier: a PID file is created after dropping privileges to a non-root account, which may allow local users to kill arbitrary processes by modifying the PID file before a root script executes a kill cat /pathname command, as demonstrated by open...

4.7CVSS4.9AI score0.00349EPSS

Exploits0References2Affected Software1

UbuntuCve•added 2017/09/01 5:29 a.m.•16 views

CVE-2017-14102

MIMEDefang 2.80 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname" command, as...

7.8CVSS7.1AI score0.00358EPSS

Exploits0References3

Debian CVE•added 2017/09/01 5:0 a.m.•18 views

CVE-2017-14102

7.8CVSS7.5AI score0.00358EPSS

Exploits0

Tenable Nessus•added 2017/08/28 12:0 a.m.•21 views

Debian DLA-1069-1 : tenshi security update

Tenshi creates a tenshi.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tenshi.pid modification before a root script executes a 'kill cat /pathname/tenshi.pid' command. For Debian...

7.8CVSS7.2AI score0.0109EPSS

Exploits0References3

Debian•added 2017/08/27 6:35 p.m.•17 views

[SECURITY] [DLA 1069-1] tenshi security update

Package : tenshi Version : 0.13-2+deb7u1 CVE ID : CVE-2017-11746 Debian Bug : 871321 Tenshi creates a tenshi.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tenshi.pid modificatio...

7.8CVSS7.8AI score0.0109EPSS

Exploits0

Prion•added 2017/08/23 9:29 p.m.•19 views

Command injection

Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a "kill cat...

6.3CVSS6.4AI score0.00786EPSS

Exploits0References6Affected Software1

Prion•added 2017/08/23 9:29 p.m.•12 views

Command injection

UnrealIRCd 4.0.13 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname" command. NOTE: t...

2.1CVSS5.7AI score0.00284EPSS

Exploits0References2Affected Software1

NVD•added 2017/08/23 9:29 p.m.•23 views

CVE-2017-12847

6.3CVSS6.2AI score0.00786EPSS

Exploits0References6

Cvelist•added 2017/08/23 9:0 p.m.•26 views

CVE-2017-12847

6.8AI score0.00786EPSS

Exploits0References6

Cvelist•added 2017/08/23 9:0 p.m.•23 views

CVE-2017-13649

5.6AI score0.00284EPSS

Exploits0References2

CNVD•added 2017/08/02 12:0 a.m.•1 views

Tenshi Elevation of Privilege Vulnerability

Tenshi is a log monitoring tool with the ability to view one or more logs. A security vulnerability exists in Tenshi version 0.15. A local attacker can exploit the vulnerability to terminate arbitrary processes...

7.8CVSS7.3AI score0.0109EPSS

Exploits0References1

OpenVAS•added 2017/07/31 12:0 a.m.•74 views

Tinyproxy < 1.10.0 DoS Vulnerability

Tinyproxy is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:banu:tinyproxy"; if...

5.5CVSS5.3AI score0.00292EPSS

Exploits0References2

Prion•added 2017/07/30 4:29 p.m.•11 views

Command injection

Tenshi 0.15 creates a tenshi.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tenshi.pid modification before a root script executes a "kill cat /pathname/tenshi.pid" command...

7.8CVSS7.4AI score0.0109EPSS

Exploits0References2Affected Software1

UbuntuCve•added 2017/07/30 4:29 p.m.•21 views

CVE-2017-11746

7.8CVSS7.2AI score0.0109EPSS

Exploits0References2

OSV•added 2017/07/30 4:29 p.m.•1 views

DEBIAN-CVE-2017-11746

7.5CVSS7.3AI score0.0109EPSS

Exploits0References1

NVD•added 2017/07/30 4:29 p.m.•15 views

CVE-2017-11746

7.8CVSS7.4AI score0.0109EPSS

Exploits0References2

NVD•added 2017/07/30 4:29 p.m.•20 views

CVE-2017-11747

main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a...

5.5CVSS5.8AI score0.00292EPSS

Exploits0References2

Cvelist•added 2017/07/30 4:0 p.m.•13 views

CVE-2017-11746

7.4AI score0.0109EPSS

Exploits0References2

Cvelist•added 2017/07/30 4:0 p.m.•21 views

CVE-2017-11747

5.7AI score0.00292EPSS

Exploits0References2

CVE•added 2017/07/30 4:0 p.m.•54 views

CVE-2017-11746

CVE-2017-11746 affects Tenshi 0.15. The issue: tenshi.pid is created after dropping privileges to a non-root account, permitting a local attacker to kill arbitrary processes by modifying tenshi.pid before a root script issues a kill command. Impact: local privilege/escalation and process terminat...

7.8CVSS7.3AI score0.0109EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by