16 matches found
EUVD-2025-203853
Nagios XI versions prior to 2026R1.1 are vulnerable to local privilege escalation due to an unsafe interaction between sudo permissions and application file permissions. A user‑accessible maintenance script may be executed as root via sudo and includes an application file that is writable by a...
CVE-2025-34288
Nagios XI versions prior to 2026R1.1 are vulnerable to local privilege escalation due to an unsafe interaction between sudo permissions and application file permissions. A user‑accessible maintenance script may be executed as root via sudo and includes an application file that is writable by a...
CVE-2025-34288
Nagios XI versions prior to 2026R1.1 are vulnerable to local privilege escalation due to an unsafe interaction between sudo permissions and application file permissions. A user‑accessible maintenance script may be executed as root via sudo and includes an application file that is writable by a...
CVE-2025-34288
Nagios XI versions prior to 2026R1.1 are affected by a local privilege-escalation flaw caused by an unsafe interaction between sudo permissions and application file permissions. A maintenance script, accessible to users, may run as root via sudo and includes an application file writable by a lowe...
PT-2025-51789
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2026R1.1 Description The software contains a flaw that allows for local privilege escalation. This is due to an unsafe interaction between sudo permissions and application file permissions. A maintenance script...
CVE-2019-11526
An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable via sudo, is vulnerable to file path injection. This enables the Attacker to write files with superuser privileges in specific locations...
CVE-2023-1827
A vulnerability has been found in SourceCodester Centralized Covid Vaccination Records System 1.0 and classified as critical. This vulnerability affects unknown code of the file /vaccinated/admin/maintenance/managelocation.php of the component GET Parameter Handler. The manipulation of the argume...
Softing uaGate SI Elevation of Privilege Vulnerability
Softing uaGate SI is a compact industrial gateway product from Softing Germany. An elevation of privilege vulnerability exists in the maintenance script in Softing uaGate SI version 1.60.01, which can be exploited by an attacker to write to a file with superuser privileges...
CVE-2019-11526
An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable via sudo, is vulnerable to file path injection. This enables the Attacker to write files with superuser privileges in specific locations...
CVE-2019-11526
An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable via sudo, is vulnerable to file path injection. This enables the Attacker to write files with superuser privileges in specific locations...
Path traversal
An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable via sudo, is vulnerable to file path injection. This enables the Attacker to write files with superuser privileges in specific locations...
ASMAX AR 804 gu Web Management Console Arbitrary Shell Command Injection Vulnerability
ASMAX 804 gu router is a SOHO class device. It provides ADSL / WiFi / Ethernet interfaces. 2. There is an unauthenticated maintenance script named 'script' in /cgi-bin/ directory of the web management interface. 3. When 'system' paramether is passed to the script it allows running OS shell...
ASMAX AR 804 GU Router Command Execution
ASMAX 804 gu router is a SOHO class device. It provides ADSL / WiFi / Ethernet interfaces. 2. There is an unauthenticated maintenance script named 'script' in /cgi-bin/ directory of the web management interface. 3. When 'system' paramether is passed to the script it allows running OS shell...
ASMAX AR 804 gu Web Management Console - Arbitrary Command Execution
ASMAX AR 804 gu Web Management Console - Arbitrary Command Execution 1. ASMAX 804 gu router is a SOHO class device. It provides ADSL / WiFi / Ethernet interfaces. 2. There is an unauthenticated maintenance script named 'script' in /cgi-bin/ directory of the web management interface. 3. When...
ASMAX AR 804 gu Web Management Console - Arbitrary Command Execution
ASMAX 804 gu router is a SOHO class device. It provides ADSL / WiFi / Ethernet interfaces. 2. There is an unauthenticated maintenance script named 'script' in /cgi-bin/ directory of the web management interface. 3. When 'system' paramether is passed to the script it allows running OS shell...
[SECURITY] [DSA-015-1] New version of sash released
---------------------------------------------------------------------------- Debian Security Advisory DSA-015-1 [email protected] http://www.debian.org/security/ Martin Schulze January 23, 2001 - ---------------------------------------------------------------------------- Package : sash...