
9 matches found

EUVD
added 2026/06/18 6:30 p.m. · 10 views

EUVD-2026-37929

setupBpmLogs follows symlink for bpm.log open and chown — container-to-host privilege escalation via /etc/shadow. A compromised process inside a bpm container can cause root to chown an arbitrary host file to vcap and append bpm JSON log lines to it. The chown alone lets the attacker take ownersh...

CVSS 6.9 · AI score 5.4 · EPSS 0.00125
Exploits: 0 · References: 1
Tenable Nessus
added 2025/11/20 12:0 a.m. · 4 views

TencentOS Server 4: systemd (TSSA-2025:0441)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0441 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVSS 4.7 · AI score 6 · EPSS 0.00641
Exploits: 1 · References: 2
RedhatCVE
added 2025/05/22 5:23 p.m. · 4 views

CVE-2020-11491

Monitoring::Logs in Zen Load Balancer 3.10.1 allows remote authenticated admins to conduct absolute path traversal attacks, as demonstrated by a filelog=/etc/shadow request to index.cgi...

CVSS 4.9 · AI score 5.2 · EPSS 0.0787
Exploits: 1 · References: 1
Positive Technologies
added 2024/12/06 12:0 a.m. · 3 views

PT-2024-36411 · Wavlink · Wavlink Wn531P3

Name of the Vulnerable Software and Affected Versions: WAVLINK WN531P3 version 202383 Description: A hardcoded password vulnerability was discovered in /etc/shadow, allowing attackers to log in as root. This issue enables unauthorized access to the system with elevated privileges. Recommendations...

CVSS 9.8 · AI score 7.2 · EPSS 0.00533
Exploits: 1 · References: 5
GithubExploit
added 2024/04/03 1:9 p.m. · 127 views

Exploit for Use After Free in Linux Linux_Kernel

https://github.com/Notselwyn/CVE-2024-1086 usage docker...

CVSS 7.8 · AI score 7.3 · EPSS 0.28058
Exploits: 16
seebug.org
added 2014/07/01 12:0 a.m. · 21 views

SCO Unixware 7.1 pkginstall Buffer Overflow

No description provided by source. source: http://www.securityfocus.com/bid/853/info It is possible to view the entries in /etc/shadow through exploiting a buffer overflow in pkgcat and pkginstall. Though neither of these binaries are setuid, the dacread permissions which are granted in...

AI score 7.1
Exploits: 0
securityvulns
added 2002/07/31 12:0 a.m. · 43 views

Perl 5.6.0 (on Linux) getpwuid() leave /etc/shadow opened

I'm not sure how serious this issue is, but I think it may cause problems in some environments. The system is Linux, RedHat 7.0, Perl 5.6.0, glibc 2.2.4, latest updates. Recently I ran 'lsof' on an unprivileged Apache httpd process running a modperl application and was pretty surprised to see...

AI score 0.2
Exploits: 0
Exploit DB
added 1999/12/06 12:0 a.m. · 31 views

SCO Unixware 7.1 pkgcat - Local Buffer Overflow

// source: https://www.securityfocus.com/bid/853/info It is possible to view the entries in /etc/shadow through exploiting a buffer overflow in pkgcat and pkginstall. Though neither of these binaries are setuid, the dacread permissions which are granted in /etc/security/tcb/privs give them the...

AI score 7.4
Exploits: 0
Exploit DB
added 1999/12/06 12:0 a.m. · 34 views

SCO Unixware 7.1 pkginstall - Local Buffer Overflow

// source: https://www.securityfocus.com/bid/853/info It is possible to view the entries in /etc/shadow through exploiting a buffer overflow in pkgcat and pkginstall. Though neither of these binaries are setuid, the dacread permissions which are granted in /etc/security/tcb/privs give them the...

AI score 7.4
Exploits: 0