Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

31 matches found

RedhatCVE
RedhatCVEadded 2026/01/07 9:37 a.m.5 views

CVE-1999-0062

The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage...

7.2CVSS7.1AI score0.0006EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-1999-0062

Malware in sbrugna...

7.2CVSS6.4AI score0.0006EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2023/02/15 4:4 a.m.1 views

SUSE CVE-2019-1010259

SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.userchpass function from the MySQL module for Salt. The attack vector is: specially crafted...

9.8CVSS7.7AI score0.00363EPSS
Exploits1References3
Exploit DB
Exploit DBadded 2019/12/30 12:0 a.m.374 views

OpenBSD - Dynamic Loader chpass Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenBSD Dynamic Loader chpass Privilege Escalation', 'Description' = %q This module exploits a vulnerability in the OpenBSD ld.so dynamic loader...

7.8CVSS7.6AI score0.0938EPSS
Exploits12
0day.today
0day.todayadded 2019/12/27 12:0 a.m.267 views

OpenBSD Dynamic Loader chpass Privilege Escalation Exploit

This Metasploit module exploits a vulnerability in the OpenBSD ld.so dynamic loader CVE-2019-19726. The dlgetenv function fails to reset the LDLIBRARYPATH environment variable when set with approximately ARGMAX colons. This can be abused to load libutil.so from an untrusted path, using...

7.8CVSS0.5AI score0.0938EPSS
Exploits12
Packet Storm
Packet Stormadded 2019/12/27 12:0 a.m.262 views

OpenBSD Dynamic Loader chpass Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenBSD Dynamic Loader chpass Privilege Escalation', 'Description' = %q This module exploits a vulnerability in the OpenBSD ld.so dynamic loader...

7.2CVSS0.7AI score0.0938EPSS
Exploits12
Metasploit
Metasploitadded 2019/12/22 8:46 a.m.259 views

OpenBSD Dynamic Loader chpass Privilege Escalation

This module exploits a vulnerability in the OpenBSD ld.so dynamic loader CVE-2019-19726. The dlgetenv function fails to reset the LDLIBRARYPATH environment variable when set with approximately ARGMAX colons. This can be abused to load libutil.so from an untrusted path, using LDLIBRARYPATH in...

7.8CVSS0.4AI score0.0938EPSS
Exploits12
0day.today
0day.todayadded 2019/12/17 12:0 a.m.346 views

OpenBSD 6.x - Dynamic Loader Privilege Escalation Exploit

Local Privilege Escalation in OpenBSD's dynamic loader CVE-2019-19726 ============================================================================== Contents ============================================================================== Summary Analysis Demonstration Acknowledgments...

7.8CVSS0.7AI score0.0938EPSS
Exploits12
Exploit DB
Exploit DBadded 2019/12/16 12:0 a.m.223 views

OpenBSD 6.x - Dynamic Loader Privilege Escalation

Qualys Security Advisory Local Privilege Escalation in OpenBSD's dynamic loader CVE-2019-19726 ============================================================================== Contents ============================================================================== Summary Analysis Demonstration...

7.8CVSS7.8AI score0.0938EPSS
Exploits12
OSV
OSVadded 2019/12/12 1:15 a.m.0 views

CVE-2019-19726

OpenBSD through 6.6 allows local users to escalate to root because a check for LDLIBRARYPATH in setuid programs can be defeated by setting a very small RLIMITDATA resource limit. When executing chpass or passwd which are setuid root, dlsetupenv in ld.so tries to strip LDLIBRARYPATH from the...

7.8CVSS7.2AI score
Exploits0References9
NVD
NVDadded 2019/12/12 1:15 a.m.23 views

CVE-2019-19726

OpenBSD through 6.6 allows local users to escalate to root because a check for LDLIBRARYPATH in setuid programs can be defeated by setting a very small RLIMITDATA resource limit. When executing chpass or passwd which are setuid root, dlsetupenv in ld.so tries to strip LDLIBRARYPATH from the...

7.8CVSS7.7AI score0.0938EPSS
Exploits12References9
Prion
Prionadded 2019/12/12 1:15 a.m.83 views

Code injection

OpenBSD through 6.6 allows local users to escalate to root because a check for LDLIBRARYPATH in setuid programs can be defeated by setting a very small RLIMITDATA resource limit. When executing chpass or passwd which are setuid root, dlsetupenv in ld.so tries to strip LDLIBRARYPATH from the...

7.2CVSS7.6AI score0.0938EPSS
Exploits12References9Affected Software1
Packet Storm
Packet Stormadded 2019/12/12 12:0 a.m.255 views

Qualys Security Advisory - OpenBSD Dynamic Loader Privilege Escalation

Qualys Security Advisory Local Privilege Escalation in OpenBSD's dynamic loader CVE-2019-19726 ============================================================================== Contents ============================================================================== Summary Analysis Demonstration...

0.5AI score0.0938EPSS
Exploits12
Positive Technologies
Positive Technologiesadded 2019/12/12 12:0 a.m.1 views

PT-2019-15929 · Openbsd · Openbsd

Name of the Vulnerable Software and Affected Versions: OpenBSD versions through 6.6 Description: The issue allows local users to escalate to root because a check for LD LIBRARY PATH in setuid programs can be defeated by setting a very small RLIMIT DATA resource limit. When executing chpass or...

7.8CVSS7.5AI score0.0938EPSS
Exploits12References20
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.11 views

OpenBSD 2.x/3.x CHPass Temporary File Link File Content Revealing Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6748/info It has been reported that a problem with chpass included with OpenBSD may allow local users to gain access to the content of specific files. This vulnerability requires that lines in the target file be construct...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.29 views

Apple Directory Services Memory Corruption

No description provided by source. Apple Directory Services Memory Corruption CVE-2010-1840 INTRODUCTION chfn, chpass and chsh dos not properly parse authname switch -u, which causes the applications to crash when parsing a long string. Those binaries are setuid root by default. This problem was...

7.5CVSS0.6AI score0.0436EPSS
Exploits3
securityvulns
securityvulnsadded 2010/11/18 12:0 a.m.68 views

Apple Directory Services Memory Corruption - CVE-2010-1840

Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Apple Directory Services Memory Corruption CVE-2010-1840 INTRODUCTION...

7.5CVSS0.3AI score0.0436EPSS
Exploits3
Exploit DB
Exploit DBadded 2010/11/11 12:0 a.m.35 views

Apple Directory Services - Memory Corruption

Apple Directory Services Memory Corruption CVE-2010-1840 INTRODUCTION chfn, chpass and chsh dos not properly parse authname switch "-u", which causes the applications to crash when parsing a long string. Those binaries are setuid root by default. This problem was confirmed in the following versio...

7.5CVSS9.6AI score0.0436EPSS
Exploits3
exploitpack
exploitpackadded 2010/11/11 12:0 a.m.33 views

Apple Directory Services - Memory Corruption

Apple Directory Services - Memory Corruption Apple Directory Services Memory Corruption CVE-2010-1840 INTRODUCTION chfn, chpass and chsh dos not properly parse authname switch "-u", which causes the applications to crash when parsing a long string. Those binaries are setuid root by default. This...

7.5CVSS0.7AI score0.0436EPSS
Exploits3
Packet Storm
Packet Stormadded 2010/05/19 12:0 a.m.26 views

Apple 10.6.3 chpass BSD Insecure Temp File Creating In /etc

!/bin/sh Apple private/etc fantastics-macbook: fantastic$ ./prdelka-vs-APPLE-chpass.sh Apple /etc/I.HAX.9GrrKm fantastics-macbook: fantastic$ cat /etc/I.HAX.9GrrKm Turtle power -- prdelka cat evil.c include include int mainint ar...

7.4AI score
Exploits0
Rows per page
Query Builder