CVE-2021-3999

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to potentially execute...

CVE-2021-3999

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to potentially execute...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2022-2218)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2022-6819 · Ppp +3 · Ppp +3

Name of the Vulnerable Software and Affected Versions: ppp affected versions not specified Description: The issue is related to the function dumpppp of the file pppdump/pppdump.c of the component pppdump. It involves improper validation of array index due to the manipulation of the argument...

Exploit for Out-of-bounds Write in Polkit_Project Polkit

CVE-2021-4034 One day for the polkit privilege escalation expl...

The vulnerability of the ImageCast X ballot marking device’s software, related to access control errors, allows a violator to execute arbitrary code.

The vulnerability of the ImageCast X ballot marking device’s software is related to access control errors. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code using a specially created binary file with the setuid flag...

EulerOS 2.0 SP10 : glibc (EulerOS-SA-2022-1823)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is...

CVE-2022-31214

A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user...

CVE-2022-31214

A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user...

UBUNTU-CVE-2022-31214

A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user...

Design/Logic Flaw

A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user...

CVE-2022-31214

A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user...

PT-2022-3261

Name of the Vulnerable Software and Affected Versions Dominion Voting Systems ImageCast X affected versions not specified Description The issue is related to errors in access control, allowing an attacker to execute arbitrary code with elevated privileges by exploiting a system-level service. Thi...

USN-5380-1: Bash vulnerability | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use this issue to escalate privileges. Update...

NewStart CGSL CORE 5.04 / MAIN 5.04 : docker-ce Multiple Vulnerabilities (NS-SA-2022-0018)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has docker-ce packages installed that are affected by multiple vulnerabilities: - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempting to...

CLSA-2022-1651685129 Fix CVE(s): CVE-2019-18276

SECURITY UPDATE: privilege gain via setuid - debian/patches/CVE-2019-18276.patch: replace the use of setuid and setgid when possible with setresuid and setresgid, respectively. - CVE-2019-18276...

CVE-2022-29849

In Progress OpenEdge before 11.7.14 and 12.x before 12.2.9, certain SUID binaries within the OpenEdge application were susceptible to privilege escalation. If exploited, a local attacker could elevate their privileges and compromise the affected system...

EulerOS 2.0 SP8 : glibc (EulerOS-SA-2022-1565)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The deprecated compatibility function clntcreate in the sunrpc module of the GNU C Library aka glibc through 2.34 copies its hostname argument on...

USN-5380-1: Bash vulnerability

It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use this issue to escalate privileges...

Buffer Overflow

glibc is vulnerable to buffer overflow. The vulnerability exists due to a memory corruption when the size of the buffer is exactly 1 which allows an attacker to control the input buffer and size passed to getcwd in a setuid program...