5 matches found
CVE-2020-36770
pkgpostinst in the Gentoo ebuild for Slurm through 22.05.3 unnecessarily calls chown to assign root's ownership on files in the live root filesystem. This could be exploited by the slurm user to become the owner of root-owned files...
PT-2024-10822 · Gentoo +1 · Gentoo +1
Name of the Vulnerable Software and Affected Versions: Slurm versions through 22.05.3 Description: The issue arises from the pkg postinst in the Gentoo ebuild for Slurm, which unnecessarily calls chown to assign root's ownership on files in the live root filesystem. This could be exploited by the...
F5 BIG-IP APM and BIG-IP APM Clients svpn elevation of privilege vulnerability
F5 BIG-IP APM and BIG-IP APM Clients are both products of F5 Corporation in the U.S. F5 BIG-IP APM is a suite of access and security solutions. the APM Client is a suite of APM client software. svpn is one of the private VPN components. An elevation of privilege vulnerability exists in F5 BIG-IP...
CVE-2018-5546
The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A malicious local unprivileged user may gain knowledge of...
KDE 1.1.2 KApplication configfile - Local Privilege Escalation (1)
KDE 1.1.2 KApplication configfile - Local Privilege Escalation 1 source: https://www.securityfocus.com/bid/1291/info The KDE configuration-file management has a bug which could result in root compromise. Due to insecure creation of configuration rc files via KApplication-class, local users can...