Lucene search
K

554 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-3480

Malicious code in bioql PyPI...

6.9CVSS6.4AI score0.00735EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2025/10/01 11:10 p.m.7 views

sfcb in sblim-sfcb places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

...

4.4CVSS7AI score0.0034EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in portal-shared-library (npm)

The package portal-shared-library was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.0 views

MAL-2025-29523 Malicious code in portal-shared-library (npm)

The package portal-shared-library was found to contain malicious code...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/07/10 12:0 a.m.3 views

EulerOS 2.0 SP10 : glibc (EulerOS-SA-2025-1774)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of...

7.8CVSS7.1AI score0.0039EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2025/07/04 10:28 p.m.245 views

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463 Local Privilege Escalation to Root via Sudo chr...

9.3CVSS9.5AI score0.47467EPSS
Exploits70
RedhatCVE
RedhatCVE
added 2025/06/30 2:16 p.m.25 views

CVE-2025-32463

A flaw was found in Sudo. This flaw allows a local attacker to escalate their privileges by tricking Sudo into loading an arbitrary shared library using the user-specified root directory via the -R --chroot option. An attacker can run arbitrary commands as root on systems that support...

9.3CVSS7.3AI score0.47467EPSS
Exploits70References5
RedhatCVE
RedhatCVE
added 2025/05/23 3:31 a.m.12 views

CVE-2023-27199

PAX Technology A930 PayDroid7.1.1VirgoV04.5.0220220722 allows attackers to compile a malicious shared library and use LDPRELOAD to bypass authorization checks...

6.7CVSS6.9AI score0.00212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:27 a.m.6 views

CVE-2023-27197

PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...

6.7CVSS7.1AI score0.00215EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:24 a.m.8 views

CVE-2019-17044

An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the PatrolAgent SUID binary could allow an attacker with "patrol" privileges to elevate his/her privileges to the ones of the "root" user by specially crafting a shared library .so file that will be loaded during...

7.8CVSS6.9AI score0.00393EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:31 a.m.7 views

CVE-2010-3381

The 1 tangerine and 2 tangerine-properties scripts in Tangerine 0.3.2.2 place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

6.9CVSS6.8AI score0.00386EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:31 a.m.5 views

CVE-2010-3378

The 1 scilab, 2 scilab-cli, and 3 scilab-adv-cli scripts in Scilab 5.2.2 place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

6.9CVSS6.8AI score0.00379EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:30 a.m.8 views

CVE-2010-3365

Mistelix 0.31 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

6.9CVSS6.8AI score0.00381EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:30 a.m.8 views

CVE-2010-3366

MnFit 5.13 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

6.9CVSS6.8AI score0.00386EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:30 a.m.10 views

CVE-2010-3363

roarify in roaraudio 0.3 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

6.9CVSS6.8AI score0.00381EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:15 a.m.5 views

CVE-2010-3380

The 1 init.d/slurm and 2 init.d/slurmdbd scripts in SLURM before 2.1.14 place the . dot directory in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

6.9CVSS6.8AI score0.00303EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:15 a.m.7 views

CVE-2010-3377

The 1 runSalome, 2 runTestMedCorba, 3 runLightSalome, and 4 hxx2salome scripts in SALOME 5.1.3 place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

6.9CVSS6.8AI score0.00381EPSS
Exploits1References1
CNVD
CNVD
added 2025/05/22 12:0 a.m.2 views

GNU C Library Code Problem Vulnerability

The GNU C Library is an open source, free C language compiler from the GNU community released under the LGPL license. A code issue vulnerability exists in GNU C Library, which can be exploited by an attacker to cause dynamic shared library loading...

7.8CVSS9.5AI score0.0039EPSS
Exploits1References1
NVD
NVD
added 2025/05/16 8:15 p.m.18 views

CVE-2025-4802

Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to NSS functions...

7.8CVSS0.0039EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/05/16 7:32 p.m.87 views

CVE-2025-4802

Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to NSS functions...

0.0039EPSS
Exploits1References2
Rows per page
Query Builder