CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

SUSE CVE•added 2026/04/03 11:24 p.m.•6 views

SUSE CVE-2026-35535

In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation...

7.4CVSS5.8AI score0.00006EPSS

Exploits0References14

Github Security Blog•added 2023/10/20 6:30 a.m.•17 views

Pleaser privilege escalation vulnerability

please aka pleaser through 0.5.4 allows privilege escalation through the TIOCSTI and/or TIOCLINUX ioctl. If both TIOCSTI and TIOCLINUX are disabled, this cannot be exploited. Here is how to see it in action: $ cd "$mktemp -d" $ git clone --depth 1 https://gitlab.com/edneville/please.git $ cd...

7.8CVSS8AI score0.00072EPSS

Exploits1References6Affected Software1

OSV•added 2023/04/29 12:0 p.m.•13 views

RUSTSEC-2023-0066 Vulnerable to privilege escalation using ioctls TIOCSTI and TIOCLINUX

please is vulnerable to privilege escalation using ioctls TIOCSTI and TIOCLINUX on systems where they are not disabled. Here is how to see it in action: $ cd "$mktemp -d" $ git clone --depth 1 https://gitlab.com/edneville/please.git $ cd please/ $ git rev-parse HEAD...

4.6CVSS7.9AI score0.00072EPSS

Exploits1References3

SUSE CVE•added 2023/02/15 5:48 a.m.•4 views

SUSE CVE-2012-1187

Bitlbee does not drop extra group privileges correctly in unix.c...

9.8CVSS9.3AI score0.00427EPSS

Exploits0References3

OPENSUSE Linux•added 2021/07/11 12:0 a.m.•37 views

Security update for avahi (important)

openSUSE Security Update: Security update for avahi Announcement ID: openSUSE-SU-2021:1845-1 Rating: important References: 1180827 1184521 Cross-References: CVE-2021-26720 CVE-2021-3468 CVSS scores: CVE-2021-26720 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-26720 SUSE: 7.8...

7.8CVSS6.7AI score0.00089EPSS

Exploits0References2

OpenVAS•added 2021/06/09 12:0 a.m.•20 views

SUSE: Security Advisory (SUSE-SU-2021:1845-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.7AI score0.00089EPSS

Exploits0References5

RedHat Linux•added 2011/12/05 8:23 p.m.•1 views

qemu: when started as root, extra groups are not dropped correctly

The changeprocessuid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host...

2.1CVSS5.8AI score0.00088EPSS

Exploits0References4

Cvelist•added 2005/02/16 5:0 a.m.•21 views

CVE-2005-0070

Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files...

6.2AI score0.00047EPSS

Exploits0References4

OSV•added 2004/01/20 12:0 a.m.•14 views

DSA-428 slocate - buffer overflow

Bulletin has no description...

4.6CVSS6.3AI score0.0037EPSS

Exploits0

CERT•added 2001/09/26 12:0 a.m.•63 views

IBM AIX nslookup fails to drop root privileges

Overview The nslookup command fails to drop privileges, allowing local attackers to gain root privileges. Description The nslookup program fails to drop the privileges it gains from being setuid. This access appears to be needed to read the "/etc/resolv.conf" file. This problem was described in I...

7.2CVSS6.2AI score0.00067EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by