Lucene search
+L

27 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.5 views

SUSE CVE-2011-1658

ld.so in the GNU C Library aka glibc or libc6 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a 1 setuid or 2 setgid program with this RPA...

3.7CVSS5.2AI score0.00311EPSS
Exploits0References4
OSV
OSV
added 2017/12/12 7:29 p.m.7 views

CVE-2017-17562

Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc...

8.1CVSS7.8AI score0.96327EPSS
Exploits15References9
Positive Technologies
Positive Technologies
added 2017/06/08 12:0 a.m.10 views

PT-2017-3348

Name of the Vulnerable Software and Affected Versions Embedthis GoAhead versions prior to 3.6.5 Description The issue is related to the initialization of the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function. This can be abused for remote code...

8.1CVSS8.4AI score0.96327EPSS
Exploits15References21
OSV
OSV
added 2016/04/30 12:0 a.m.4 views

UBUNTU-CVE-2015-8325

The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...

7.8CVSS7.3AI score0.00627EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2016/03/09 12:0 a.m.17 views

PT-2016-3440

Name of the Vulnerable Software and Affected Versions OpenSSH versions through 7.2p2 Description The issue allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD PRELOAD environment variable. This is related to the do setup e...

8.1CVSS7AI score0.99506EPSS
Exploits114References132
OSV
OSV
added 2009/02/03 11:30 p.m.1 views

DEBIAN-CVE-2009-0415

Untrusted search path vulnerability in trickle 1.07 allows local users to execute arbitrary code via a Trojan horse trickle-overload.so in the current working directory, which is referenced in the LDPRELOAD path...

3.7CVSS7.2AI score0.00456EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2001/04/17 12:0 a.m.13 views

PT-2001-1001 · Openssh +1 · Openssh-Askpass-Gnome +5

Name of the Vulnerable Software and Affected Versions: OpenSSH versions 3.0.1 and earlier openssh-server-2.9p2 openssh-clients-2.9p2 openssh-2.9p2 openssh-askpass-2.9p2 openssh-askpass-gnome-2.9p2 ssh-askpass-ptk Description: The issue concerns multiple vulnerabilities in OpenSSH and related...

10CVSS8.2AI score0.99506EPSS
Exploits208References350
Rows per page
Query Builder