CVE-2018-8739
VPN Unlimited 4.2.0 for macOS suffers from a root privilege escalation vulnerability in its privileged helper tool. The privileged helper tool implements an XPC interface, which allows arbitrary applications to execute system commands as root...
CVE-2017-20148
In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure recursive chown calls...
CVE-2018-7715
PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability with its com.privat.vpn.helper privileged helper tool. This privileged helper tool implements an XPC service that allows arbitrary installed applications to connect and send messages. The XPC service extracts the...
CVE-2018-10192
IPVanish 3.0.11 for macOS suffers from a root privilege escalation vulnerability. The com.ipvanish.osx.vpnhelper LaunchDaemon implements an insecure XPC service that could allow an attacker to execute arbitrary code as the root user. IPVanish uses a third-party library for converting xpcobjectt...
CVE-2002-2180
The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error...
CVE-2025-24234
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to gain root privileges...
CVE-2025-22941
A command injection vulnerability in the web interface of Adtran 411 ONT L80.00.0011.M2 allows attackers to escalate privileges to root and execute arbitrary commands...
Adtran 411 ONT Security Vulnerability
The Adtran 411 ONT is an optical network terminal (ONT) from Adtran, Inc. It is used to provide fiber-to-the-home (FTTH) services and support high-speed Internet access. A security vulnerability exists in the Adtran 411 ONT version L80.00.0011.M2, which originates from a command injection in the web...
below Security Vulnerability
below is a resource monitor for modern Linux systems open-sourced by Meta Incubator. A security vulnerability exists in versions of below prior to v0.9.0, which stems from the creation of a globally writable directory that could lead to elevation to root privileges via a symbolic link attack...
Linux Distros Unpatched Vulnerability : CVE-2020-12050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can repla...
Linux Distros Unpatched Vulnerability : CVE-2020-27777
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running ...
Linux Distros Unpatched Vulnerability : CVE-2017-7500
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and...
Azure Linux 3.0 Security Update: oath-toolkit (CVE-2024-47191)
The version of oath-toolkit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47191 advisory. - pam_oath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because...
OpenHarmony Resource Management Error Vulnerability
OpenHarmony is an open source Hongmeng operating system project of China's OpenAtom Foundation. A resource management error vulnerability exists in OpenHarmony 4.1.2 and earlier versions, which stems from improper use of freed resources and could allow a local attacker to boost to...
SonicWALL Gen7 SonicOS Cloud platform NSv Security Vulnerability
SonicWALL Gen7 SonicOS Cloud platform NSv is a series of virtual firewalls for cloud platforms from SonicWALL USA. A security vulnerability exists in the SonicWALL Gen7 SonicOS Cloud platform NSv SSH. An attacker can exploit the vulnerability to elevate privileges to "root" and potentially lead t...
Critical Vulnerabilities in Moxa Routers Allow Root Privilege Escalation
Critical security vulnerabilities have been found in Moxa cellular routers and network security appliances. Learn about CVE-2024-9138 &…...
PT-2025-20833
Name of the Vulnerable Software and Affected Versions: GNUScreen version 5.0.1 and earlier Description: The issue affects Linux administrators, cloud engineers, and developers. It is related to a root privilege escalation flaw. Recommendations: For versions prior to 5.0.1, update to version 5.0.1...
PT-2024-36621 · Dtex · Dtex Dec-M
Name of the Vulnerable Software and Affected Versions: DTEX DEC-M DTEX Forwarder version 6.1.1 Description: An issue was discovered in the com.dtexsystems.helper service, which handles privileged operations within the macOS DTEX Event Forwarder agent. The service fails to implement critical clien...
DEBIAN-CVE-2023-1521
On Linux the sccache client can execute arbitrary code with the privileges of a local sccache server, by preloading the code in a shared library passed to LD_PRELOAD. If the server is run as root (which is the default when installing the snap package https://snapcraft.io/sccache), this means a user...
CVE-2024-50370
CVE-2024-50370 affects Advantech EKI-6333AC-2G (<=1.6.3), EKI-6333AC-2GD (<=1.6.3) and EKI-6333AC-1GPO (1.6.3; 1GPO: >1.2.1) and/or temporarily disable the edgserver service and restrict access to the cfg_cmd_set_eth_conf operation until patches are applied.