Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2026/02/06 5:16 p.m.1 views

UBUNTU-CVE-2026-23741

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the asterisk/contrib/scripts/astcoredumper runs as root, as noted by the NOTES tag on line 689 of the astcoredumper file. The script will source the conten...

8.8CVSS6AI score0.00041EPSS
Exploits0References3
F5 Networks
F5 Networksadded 2023/02/21 7:57 p.m.45 views

K00409335: procps-ng vulnerability CVE-2018-1122

Security Advisory Description procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the configfil...

7.3CVSS7.6AI score0.00252EPSS
Exploits5Affected Software12
RedHat Linux
RedHat Linuxadded 2020/02/25 12:14 p.m.1 views

procps: Local privilege escalation in top

If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory without any security check. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of...

7.3CVSS7.3AI score0.00252EPSS
Exploits5References5
Veracode
Veracodeadded 2019/08/08 12:7 a.m.32 views

Privilege Escalation

procps-ng is vulnerable to privilege escalation. The top utility is run with HOME unset in an attacker-controlled directory, the attacker can exploit one of several vulnerabilities in the configfile to escalate the privileges...

7.3CVSS2.5AI score0.00252EPSS
Exploits5References18Affected Software1
Tenable Nessus
Tenable Nessusadded 2018/10/26 12:0 a.m.45 views

EulerOS Virtualization 2.5.1 : procps-ng (EulerOS-SA-2018-1326)

According to the versions of the procps-ng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory...

7.5CVSS6.8AI score0.03312EPSS
Exploits7References4
CNVD
CNVDadded 2018/05/25 12:0 a.m.1 views

procps-ng elevation of privilege vulnerability

procps-ng is a utility used on Linux platforms to provide information about proc filesystem processes. An elevation of privilege vulnerability exists in the 'configfile' function of top in versions of procps-ng prior to 3.3.15. A local attacker can exploit this vulnerability to elevate privileges...

7.3CVSS6.7AI score0.00252EPSS
Exploits5References1
Debian CVE
Debian CVEadded 2018/05/23 2:0 p.m.36 views

CVE-2018-1122

procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the configfile function...

7.3CVSS8.8AI score0.00252EPSS
Exploits5
Rows per page
Query Builder