RootHelper

This is an offensive tool for Linux privilege escalation. The primary CVE ID is not explicitly mentioned, but the tool fetches scripts that aid in privilege escalation, suggesting that it targets vulnerabilities in Linux systems. The tool, called RootHelper, downloads and unzips scripts that...

📄 Netdata ndsudo 1.45.0 Privilege Escalation

ndsudo versions 1.45.0 and below have a vulnerability that allows an attacker to achieve privilege escalation. It leverages an untrusted search path, when searching for additional binary files, such as nvme. An attacker can create a malicious binary with the same name and add the directory of thi...

TencentOS Server 4: pam (TSSA-2025:0538)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0538 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Linux Distros Unpatched Vulnerability : CVE-2021-23999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should...

dirty_sock

dirtysock: Linux Privilege Escalation via snapd In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository contains the original exploit POC, which is being made available for research and education. F...

CVE-2023-50260

Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the hostdeny script allows to write any string in the hosts.deny file, which can end in an arbitrary command execution on the target system. This vulnerability is part of the active...

CVE-2025-26675

Out-of-bounds read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...

UBUNTU-CVE-2025-26675

Out-of-bounds read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...

The Bug Report - March 2025 Edition

The Bug Report - March 2025 Edition By Jonathan Omakun · April 3, 2025 Why am I here? Welcome to the March 2025 edition of The Bug Report—where the bracket-breaking isn’t just happening on the court. While US college basketball fans are busy filling out brackets and chasing Cinderella stories,...

Exploit for Heap-based Buffer Overflow in Gnu Glibc

CVE-2023-4911 This is a PoC Proof Of Concept for the Looney...

The vulnerability of DRM/LIMA components in Linux operating systems allows attackers to increase their privileges within the system.

The vulnerability of DRM/LIMA components in the Linux operating system is related to the state of the competition. Exploiting this vulnerability can allow a hacker to increase their privileges within the system...

CVE-2024-24892 Unauthorized RCE in migration-tools

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection', Improper Privilege Management vulnerability in openEuler migration-tools on Linux allows Command Injection, Restful Privilege Elevation. This vulnerability is associated with program files...

CVE-2023-26031

Relative library resolution in linux container-executor binary in Apache Hadoop 3.3.1-3.3.4 on Linux allows local user to gain root privileges. If the YARN cluster is accepting work from remote authenticated users, this MAY permit remote users to gain root privileges. Hadoop 3.3.0 updated the "...

The vulnerability of the vmwgfx module in Linux operating systems allows attackers to increase their privileges.

The vulnerability of the vmwgfx module in Linux operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

CVE-2023-46277

please aka pleaser through 0.5.4 allows privilege escalation through the TIOCSTI and/or TIOCLINUX ioctl. If both TIOCSTI and TIOCLINUX are disabled, this cannot be exploited...

SUSE CVE-2023-28410

Improper restriction of operations within the bounds of a memory buffer in some IntelR i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access...

The vulnerability of the indexing filter of the traffic control system tcindex (net/sched/cls_tcindex.c) in the Linux operating system allows a hacker to increase their privileges.

The vulnerability of the indexing filter in the tcindex traffic control system net/sched/clstcindex.c in the Linux operating system is related to improper handling of filters, resulting in the re-release of previously released memory. Exploiting this vulnerability can allow an attacker to increas...

SUSE CVE-2021-3982

Linux distributions using CAPSYSNICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAPSYSNICE is currently implemented and eventually load code to increase its process scheduler priority leading to possib...

OESA-2022-2097 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

Exploit for Incorrect Authorization in Polkit_Project Polkit

PolicyKit CVE-2021-3560 Exploitation Authentication Agent ====...