Lucene search
K

410 matches found

Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-52533

An issue in D-Link DIR-1253 v.1.0.1.250923.142435 allows an attacker to escalate privileges via the etc/shadow component file...

0.00166EPSS
Exploits0References3
CVE
CVE
added 2 days ago7 views

CVE-2026-52533

CVE-2026-52533 affects D-Link DIR-1253 v1.0.1.250923.142435. The issue enables privilege escalation via the etc/shadow component file. Details across connected sources consistently describe the same affected product and vector; no exploit steps or patches are provided in the supplied documents. T...

9.8CVSS6.1AI score0.00166EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/01 12:21 p.m.10 views

Malicious code in date-fns-lite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4694a079d83e33dcee7f87140c41737009d9f0b19f351c23f2ae3dbce9a47a51 [email protected] presents as a lightweight date-formatting utility but ships a malicious postinstall.js that runs automatically on npm install. T...

5.9AI score
Exploits0References13
RedHat Linux
RedHat Linux
added 2026/06/30 11:30 a.m.5 views

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

7.8CVSS6.4AI score0.0138EPSS
Exploits6References7
NVD
NVD
added 2026/06/18 7:16 p.m.12 views

CVE-2026-47833

setupBpmLogs follows symlink for bpm.log open and chown — container-to-host privilege escalation via /etc/shadow. A compromised process inside a bpm container can cause root to chown an arbitrary host file to vcap and append bpm JSON log lines to it. The chown alone lets the attacker take ownersh...

6.9CVSS0.00125EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/18 6:30 p.m.7 views

CVE-2026-47833

setupBpmLogs follows symlink for bpm.log open and chown — container-to-host privilege escalation via /etc/shadow. A compromised process inside a bpm container can cause root to chown an arbitrary host file to vcap and append bpm JSON log lines to it. The chown alone lets the attacker take ownersh...

6.9CVSS5.4AI score0.00125EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 6:30 p.m.22 views

CVE-2026-47833

The CVE-2026-47833 issue affects bpm-release (all versions prior to v1.4.30). A compromised process inside a bpm container can trigger setupBpmLogs to follow a symlink for bpm.log, then perform chown on a host file to the user vcap, enabling container-to-host privilege escalation via the host’s /...

6.9CVSS5.5AI score0.00125EPSS
Exploits0References1
Metasploit
Metasploit
added 2026/06/16 7:2 p.m.222 views

Linux Kernel __ptrace_may_access() Exit Race chage File Disclosure

This module exploits a race condition in the Linux kernel doexit teardown path affecting ptracemayaccess. During process termination, privileged file descriptors may remain accessible through pidfdgetfd after task-mm becomes NULL, allowing sensitive file disclosure from privileged SUID binaries...

7.8CVSS6.5AI score0.0138EPSS
Exploits6
RedHat Linux
RedHat Linux
added 2026/06/09 1:49 p.m.16 views

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

7.8CVSS5.8AI score0.0138EPSS
Exploits6References7
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.11 views

CVE-2026-31927

Anviz CX7 Firmware is vulnerable to an authenticated CSV upload which allows path traversal to overwrite arbitrary files e.g., /etc/shadow, enabling unauthorized SSH access when combined with debug‑setting changes...

4.9CVSS5.6AI score0.00354EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/04 10:8 p.m.10 views

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

7.8CVSS6AI score0.0138EPSS
Exploits6References7
RedHat Linux
RedHat Linux
added 2026/06/04 9:47 p.m.14 views

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

7.8CVSS6AI score0.0138EPSS
Exploits6References7
RedHat Linux
RedHat Linux
added 2026/06/04 9:24 p.m.12 views

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

7.8CVSS6AI score0.0138EPSS
Exploits6References7
RedHat Linux
RedHat Linux
added 2026/06/03 4:14 p.m.8 views

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

7.8CVSS6AI score0.0138EPSS
Exploits6References7
NVD
NVD
added 2026/05/27 2:16 p.m.20 views

CVE-2026-36538

Netis AC1200 Router NC21 V4.0.1.4296 contains a hard-coded root credential stored in /etc/shadow.sample. The password for the root account is set to the trivially weak value root, allowing an attacker with access to the device to authenticate as root and gain full control of the underlying...

7.3CVSS0.00301EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 12:0 a.m.8 views

CVE-2026-36538

Netis AC1200 Router NC21 V4.0.1.4296 contains a hard-coded root credential stored in /etc/shadow.sample. The password for the root account is set to the trivially weak value root, allowing an attacker with access to the device to authenticate as root and gain full control of the underlying...

5.8AI score0.00301EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/26 6:6 a.m.63 views

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

7.8CVSS6AI score0.0138EPSS
Exploits6References7
RedHat Linux
RedHat Linux
added 2026/05/21 6:10 p.m.10 views

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

7.8CVSS6AI score0.0138EPSS
Exploits6References7
RedHat Linux
RedHat Linux
added 2026/05/21 12:41 p.m.8 views

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

7.8CVSS6AI score0.0138EPSS
Exploits6References7
RedHat Linux
RedHat Linux
added 2026/05/20 11:40 p.m.11 views

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

7.8CVSS5.8AI score0.0138EPSS
Exploits6References7
Rows per page
Query Builder