Lucene search
K

206 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2016-6664

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mysqldsafe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1,...

7CVSS6.8AI score0.0308EPSS
Exploits10References2
SUSE CVE
SUSE CVE
added 2025/02/14 5:49 a.m.10 views

SUSE CVE-2024-2746

Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...

8.8CVSS6.8AI score0.00213EPSS
Exploits1References3
OSV
OSV
added 2024/12/14 1:15 p.m.4 views

CVE-2024-31891

IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 contains a local privilege escalation vulnerability. A malicious actor with command line access to the 'scalemgmt' user can elevate privileges to gain root access to the host operating system...

7.8CVSS6.5AI score0.00158EPSS
Exploits0References1
OSV
OSV
added 2024/11/19 4:0 p.m.6 views

UBUNTU-CVE-2024-48990

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable...

7.8CVSS7.6AI score0.19924EPSS
Exploits15References4
CNVD
CNVD
added 2024/11/01 12:0 a.m.2 views

Elevation of Privilege Vulnerability in Fangde Desktop Operating System of Zhongke Fangde Software Co.

Fangde desktop operating system is a domestic operating system, adapted to Haikuang, Zhaoxin, Feiteng, Longxin, Shenwei, Kunpeng and other domestic CPUs, supporting x86, ARM, MIPS and other mainstream architectures. There is an elevation of privilege vulnerability in Fangde desktop operating...

7.3AI score
Exploits0
OSV
OSV
added 2024/08/06 12:15 a.m.43 views

UBUNTU-CVE-2024-7538

oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

7.8CVSS7.6AI score0.00292EPSS
Exploits0References4
OSV
OSV
added 2024/07/02 8:15 a.m.5 views

CVE-2024-37133

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to unauthorized gain of root-level access...

6.7CVSS5.8AI score0.00157EPSS
Exploits0References1
OSV
OSV
added 2024/06/27 7:15 p.m.6 views

CVE-2023-30997

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254638...

7.8CVSS5.8AI score0.00231EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/06/26 12:0 a.m.9 views

PT-2024-6028 · Dell · Powerscale Onefs

Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 Description: The issue is related to an incorrect privilege assignment in the PowerScale OneFS operating system. This could allow a local high-privileged attacker to potentially exploit t...

6.8CVSS6.9AI score0.00156EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/04/05 12:0 a.m.3 views

PT-2024-21910 · Dnf5 · Dnf5

Name of the Vulnerable Software and Affected Versions: dnf5 affected versions not specified Description: The issue arises from the dnf5 D-Bus daemon accepting arbitrary configuration parameters from unprivileged users. This allows a local root exploit by tricking the daemon into loading a...

8.8CVSS6.9AI score0.00213EPSS
Exploits1References8
Amazon
Amazon
added 2023/05/31 12:0 a.m.3 views

Important: kernel

Issue Overview: A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in tableclear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component. CVE-2023-2269 In the Linux kernel through 6.3.1, a use-after-free in...

7.8CVSS6.6AI score0.12966EPSS
Exploits7
RedHat Linux
RedHat Linux
added 2023/05/16 8:31 a.m.5 views

device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, in conjunction with CVE-2022-41974. Local users that are able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which may lead to...

7.8CVSS5.6AI score0.00658EPSS
Exploits4References5
OSV
OSV
added 2023/05/08 8:15 p.m.4 views

AZL-26690 CVE-2023-32233 affecting package kernel for versions less than 5.15.112.1-1

In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled...

7.8CVSS6.7AI score0.12966EPSS
Exploits7References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:3 a.m.4 views

SUSE CVE-2009-1883

The z90cryptunlockedioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage...

4.4CVSS6.2AI score0.00342EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:27 a.m.6 views

SUSE CVE-2014-5220

The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not properly sanitize device names, which allows local attackers to execute arbitrary commands as root...

7.8CVSS7.4AI score0.00505EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:8 a.m.5 views

SUSE CVE-2019-15540

filters/filter-cso/filter-stream.c in the CSO filter in libMirage 3.2.2 in CDemu does not validate the part size, triggering a heap-based buffer overflow that can lead to root access by a local Linux user...

7.8CVSS7.7AI score0.00598EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.3 views

SUSE CVE-2022-23613

xrdp is an open source remote desktop protocol RDP server. In affected versions an integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker which is able to locally access a sesman server to execute code as root. This vulnerability has been patched in...

7.8CVSS7.9AI score0.00485EPSS
Exploits0References3
OSV
OSV
added 2023/01/17 7:15 p.m.6 views

AZL-38137 CVE-2022-3650 affecting package ceph for versions less than 18.2.1-1

A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information...

7.8CVSS7.1AI score0.00327EPSS
Exploits1References1
NCSC
NCSC
added 2022/11/22 12:0 a.m.4 views

Vulnerability in HPE OfficeConnect switches

HP Enterprise has fixed a vulnerability in several OfficeConnect switches. The vulnerability allows a malicious party to able to bypass authentication. The malicious party can use the acquired access to the switch to execute code on the underlying system with the privileges of the root user...

9.8CVSS7.2AI score0.02641EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2022/08/26 12:15 a.m.5 views

CVE-2022-30984

A buffer overflow vulnerability in the Rubrik Backup Service RBS Agent for Linux or Unix-based systems in Rubrik CDM 7.0.1, 7.0.1-p1, 7.0.1-p2 or 7.0.1-p3 before CDM 7.0.2-p2 could allow a local attacker to obtain root privileges by sending a crafted message to the RBS agent...

7.8CVSS7.3AI score0.00209EPSS
Exploits0References3
Rows per page
Query Builder