303 matches found
CVE-2016-1457
The web-based GUI in Cisco Firepower Management Center 4.x and 5.x before 5.3.1.2 and 5.4.x before 5.4.0.1 and Cisco Adaptive Security Appliance ASA Software on 5500-X devices with FirePOWER Services 4.x and 5.x before 5.3.1.2 and 5.4.x before 5.4.0.1 allows remote authenticated users to execute...
CVE-2016-2875
IBM Security QRadar SIEM 7.1.x and 7.2.x before 7.2.7 allows remote authenticated users to execute arbitrary OS commands as root via unspecified vectors...
Privilege escalation when changing root password in sti builder image
A flaw was found in the building of containers within OpenShift Enterprise. An attacker could submit an image for building that executes commands within the container as root, allowing them to potentially escalate privileges...
A vulnerability in the Cisco Firepower Extensible Operating System allows an attacker to execute arbitrary operating system commands as the root user.
The vulnerability in a Cisco Firepower Extensible Operating System component is caused by a failure to neutralize special elements used in the operating system's command line. Exploiting this vulnerability allows a malicious actor, operating locally, to execute arbitrary...
IBM Tivoli Storage Manager for Virtual Environments Command Execution Vulnerability
IBM Tivoli Storage Manager for Virtual Environments is a VM backup and recovery solution from IBM USA. A remote privilege elevation vulnerability exists in IBM Tivoli Storage Manager for Virtual Environments that allows an attacker to submit a special request to execute operating system commands with roo...
PT-2015-6805 · Red Hat · Red Hat Openshift Enterprise
Name of the Vulnerable Software and Affected Versions: Red Hat OpenShift Enterprise version 3.0.0.0. Description: The issue allows remote authenticated users with build permissions to execute arbitrary shell commands with root permissions on arbitrary build pods. Recommendations: For Red Hat...
openstack-puppet-modules: pacemaker configured with default password
It was discovered that the puppet manifests, as provided with the openstack-puppet-modules package, would configure the pcsd daemon with a known default password. If this password was not changed and an attacker was able to gain access to pcsd, they could potentially run shell commands as root...
UBUNTU-CVE-2014-7208
GParted before 0.15.0 allows local users to execute arbitrary commands with root privileges via shell metacharacters in a crafted filesystem label...
Command Injection Vulnerability
A vulnerability exists whereby an unauthenticated user can inject commands as root on the device (Ref 31091). This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.0.4 and earlier; PAN-OS 3.1.9 and earlier. Work...
Interscan Web Security 5.0 - Arbitrary File Upload Privilege Escalation
Advisory Name: Local Privilege Escalation in InterScan Web Security Virtual Appliance 5.0. Internal Cybsec Advisory Id: 2010-0604. Vulnerability Class: Local Privilege Escalation. Release Date: 22-06-2010. Affected Applications:...
virtualbox -- privilege escalation
Sun reports: A security vulnerability in the VBoxNetAdpCtl configuration tool for certain Sun VirtualBox 3.0 packages may allow local unprivileged users who are authorized to run VirtualBox to execute arbitrary commands with root privileges...
CVE-1999-1560
CVE-1999-1560 describes a local privilege escalation in TAMU Tiger where a vulnerability in a script allows local users to execute arbitrary commands as the Tiger user (usually root). The affected component is a script within TAMU Tiger; the underlying cause is not explicitly detailed in the prov...
Security Advisory: FreeBSD-SA-00:22.apsfilter
FreeBSD-SA-00:22 Security Advisory. FreeBSD, Inc. Topic: apsfilter allows users to execute arbitrary commands as user lpd. Category: ports. Module: apsfilter. Announced: 2000-06-07. Credits...
Solaris 2.67.0 - lpset -r Local Buffer Overflow (2)
(Source: https://www.securityfocus.com/bid/1138/info) A vulnerability exists in the handling of the -r option to the lpset program, as included in Solaris 7 from Sun Microsystems. The -r option is undocumented. As such, its use is unknown. Howeve...
CVE-1999-0163
CVE-1999-0163 affects older Sendmail versions. An attacker could use a pipe character to execute root commands, enabling local privilege escalation. Affected data shows multiple advisories citing Sendmail with this pipe-based command execution, including references to specific package versions (e...
CVE-1999-0088
IRIX and AIX automountd services (autofsd) allow remote users to execute root commands...
CVE-1999-0088
CVE-1999-0088 affects IRIX and AIX automountd services (autofsd). The connected records corroborate that remote users can execute root commands via these services. The available documents do not detail the exact root cause, affected versions, exploitation status, or specific remediation steps. Th...
CVE-1999-0244
The CVE-1999-0244 entry concerns the Livingston RADIUS code, where a buffer overflow vulnerability could allow remote execution of commands with root privileges. Affected software/component: Livingston RADIUS code; vulnerability type: buffer overflow in the code path handling RADIUS messages. Doc...
CVE-1999-0388
DataLynx suGuard (DataLynx) is affected: it trusts the PATH environment variable to execute the ps command, enabling a local user to run commands with root privileges. Root cause: use of PATH for command execution without proper validation. Impact: local privilege escalation to root as described ...
CVE-1999-0204
CVE-1999-0204 affects Sendmail 8.6.9. Multiple connected sources (Red Hat, PT Security, Nessus plugins) describe an ident overflow vulnerability that allows remote attackers to execute commands as root. Root-privilege impact is stated; remediation advised is upgrading to a newer Sendmail version ...