39 matches found

OSV
added 2021/03/02 6:6 p.m. | 11 views

SUSE-SU-2021:0685-1 Security update for grub2

This update for grub2 fixes the following issues: grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation. bsc1182057 Following security issues are fixed that can violate secure boot constraints: - CVE-2020-25632: Fixed a use-after-free in rmmod command bsc1176711 -...

CVSS 8.2 | AI score 8 | EPSS 0.01738
Exploits: 0 | References: 16

Fedora
added 2020/03/16 8:47 p.m. | 59 views

[SECURITY] Fedora 32 Update: sudo-1.9.0-0.1.b1.fc32

Sudo (superuser do) allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

CVSS 9 | AI score 2.2 | EPSS 0.63917
Exploits: 21

OSV
added 2019/10/14 3:2 p.m. | 3 views

SUSE-SU-2019:2656-1 Security update for sudo

This update for sudo fixes the following issue: - CVE-2019-14287: Fixed an issue where a user with sudo privileges that allowed them to run commands with an arbitrary uid, could run commands as root, despite being forbidden to do so in sudoers bsc1153674...

CVSS 9 | AI score 8.8 | EPSS 0.63917
Exploits: 10 | References: 3

OSV
added 2018/10/31 2:29 p.m. | 3 views

CVE-2018-15327

In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1 or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced...

CVSS 7.2 | AI score 5.8 | EPSS 0.01178
Exploits: 0 | References: 1

CVE
added 2018/06/01 2:0 p.m. | 59 views

CVE-2018-5523

Summary of CVE-2018-5523 (F5 BIG-IP TMUI command restriction bypass) This issue affects BIG-IP TMUI (BIG-IP Configuration utility) on multiple versions, where authenticated administrative users can run commands without enforcement of restrictions. A privilege-escalation path exists for authentica...

CVSS 7.2 | AI score 6.9 | EPSS 0.02263
Exploits: 0 | References: 3 | Affected Software: 1

UbuntuCve
added 2017/04/14 6:59 p.m. | 30 views

CVE-2016-7032

sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function...

CVSS 7 | AI score 6.8 | EPSS 0.00337
Exploits: 0 | References: 6

Cvelist
added 2015/04/01 2:0 p.m. | 35 views

CVE-2015-2756

QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing...

AI score 5.8 | EPSS 0.0045
Exploits: 0 | References: 13

NVD
added 2015/03/12 2:59 p.m. | 34 views

CVE-2015-2150

Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and...

CVSS 4.9 | AI score 5.5 | EPSS 0.00534
Exploits: 0 | References: 21

seebug.org
added 2014/07/01 12:0 a.m. | 14 views

Accellion Secure File Transfer Appliance Multiple Command Restriction Weakness Local Privilege Escalation

No description provided by source. source: http://www.securityfocus.com/bid/38176/info Accellion File Transfer Appliance is prone to multiple remote vulnerabilities, including: - Multiple privilege-escalation issues - A directory-traversal issue - An HTML-injection issue - A remote...

AI score 7.1
Exploits: 0

OSV
added 2012/06/05 10:55 p.m. | 9 views

CVE-2012-0920

Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54, when command restriction and public key authentication are enabled, allows remote authenticated users to execute arbitrary code and bypass command restrictions via multiple crafted command requests, related to "channels...

CVSS 7.1 | AI score 7.5 | EPSS 0.06489
Exploits: 0 | References: 9

Prion
added 2012/06/05 10:55 p.m. | 13 views

Design/Logic Flaw

Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54, when command restriction and public key authentication are enabled, allows remote authenticated users to execute arbitrary code and bypass command restrictions via multiple crafted command requests, related to "channels...

CVSS 7.1 | AI score 8.1 | EPSS 0.06489
Exploits: 0 | References: 9 | Affected Software: 2

CVE
added 2012/06/05 10:0 p.m. | 134 views

CVE-2012-0920

Dropbear SSH Server 0.52–2012.54 is affected by a use-after-free (UAF) vulnerability when command restriction and public key authentication are enabled, exploitable by remote authenticated users via crafted command requests related to channels concurrency. Impact per sources includes arbitrary co...

CVSS 7.1 | AI score 9.3 | EPSS 0.06489
Exploits: 0 | References: 9 | Affected Software: 1

Cvelist
added 2012/06/05 10:0 p.m. | 29 views

CVE-2012-0920

Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54, when command restriction and public key authentication are enabled, allows remote authenticated users to execute arbitrary code and bypass command restrictions via multiple crafted command requests, related to "channels...

AI score 7.4 | EPSS 0.06489
Exploits: 0 | References: 9

Fedora
added 2012/05/29 10:24 a.m. | 39 views

[SECURITY] Fedora 17 Update: sudo-1.8.3p1-7.fc17

Sudo (superuser do) allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

CVSS 7.2 | AI score 2.2 | EPSS 0.00399
Exploits: 0

Tenable Nessus
added 2012/03/01 12:0 a.m. | 285 views

Dropbear SSH Server Channel Concurrency Use-after-free Remote Code Execution

According to its self-reported banner, the remote host is running a version of Dropbear SSH before 2012.55. As such, it reportedly contains a flaw that might allow an attacker to run arbitrary code on the remote host with root privileges if they are authenticated using a public key and command...

CVSS 7.1 | AI score 8.4 | EPSS 0.06489
Exploits: 0 | References: 5

Fedora
added 2011/01/21 11:0 p.m. | 65 views

[SECURITY] Fedora 13 Update: sudo-1.7.4p5-1.fc13

Sudo (superuser do) allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

CVSS 6.9 | AI score 2.2 | EPSS 0.00496
Exploits: 0

Fedora
added 2010/06/21 12:59 p.m. | 28 views

[SECURITY] Fedora 12 Update: sudo-1.7.2p6-2.fc12

Sudo (superuser do) allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

CVSS 6.2 | AI score 2.2 | EPSS 0.00457
Exploits: 1

exploitpack
added 2010/02/10 12:0 a.m. | 18 views

Accellion Secure File Transfer Appliance - Multiple Command Restriction Privilege Escalations

Accellion Secure File Transfer Appliance - Multiple Command Restriction Privilege Escalations source: https://www.securityfocus.com/bid/38176/info Accellion File Transfer Appliance is prone to multiple remote vulnerabilities, including: - Multiple privilege-escalation issues - A directory-travers...

AI score 1.4
Exploits: 0

NVD
added 2007/08/07 10:17 a.m. | 24 views

CVE-2007-4174

Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote attackers to modify the torrc configuration file, compromise anonymity, and have other unspecified impact via HTTP POST data containing commands without valid...

CVSS 5.8 | AI score 6.7 | EPSS 0.0621
Exploits: 0 | References: 9