CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CISA KEV Catalog•added 2021/12/10 12:0 a.m.•26 views

Embedthis GoAhead Remote Code Execution Vulnerability

Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked...

8.1CVSS3.6AI score0.94266EPSS

In wildExploits15

NVD•added 2021/03/26 8:15 a.m.•9 views

CVE-2021-28249

CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH, to be dynamically linked when the FtpCollector executable is ru...

8.8CVSS0.00047EPSS

NVD•added 2021/03/26 8:15 a.m.•8 views

CVE-2021-28246

CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. A regular user must create a malicious library in the writable RPATH, to be dynamically linked when the emtgtctl2 executable is run. The code in the library will be...

7.8CVSS0.00101EPSS

Prion•added 2021/03/26 8:15 a.m.•7 views

Privilege escalation

UNSUPPORTED WHEN ASSIGNED CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH, to be dynamically linked when the...

7.2CVSS8.5AI score0.00047EPSS

Prion•added 2021/03/26 8:15 a.m.•8 views

Privilege escalation

UNSUPPORTED WHEN ASSIGNED CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. A regular user must create a malicious library in the writable RPATH, to be dynamically linked when the emtgtctl2 executable is run. The co...

4.4CVSS7.5AI score0.00101EPSS

CVE•added 2021/03/26 7:11 a.m.•37 views

CVE-2021-28249

CA eHealth Performance Manager up to version 6.3.2.12 is affected by a Privilege Escalation due to a Dynamically Linked Shared Object Library. An attacker must place a malicious library in the writable RPATH, which is loaded when the FtpCollector executable runs, causing the code in the library t...

8.8CVSS8.5AI score0.00047EPSS

Cvelist•added 2021/03/26 7:11 a.m.•14 views

CVE-2021-28249

8.8AI score0.00047EPSS

Vulnrichment•added 2021/03/26 7:4 a.m.•14 views

CVE-2021-28246

6.9AI score0.00101EPSS

CVE•added 2021/03/26 7:4 a.m.•39 views

CVE-2021-28246

CVE-2021-28246 affects CA eHealth Performance Manager up to version 6.3.2.12. The issue is a privilege-escalation defect where a regular user can place a malicious library in the writable RPATH, which is dynamically linked when the emtgtctl2 executable runs, causing the library code to execute wi...

7.8CVSS7.5AI score0.00101EPSS

Cvelist•added 2021/03/26 7:4 a.m.•13 views

CVE-2021-28246

7.7AI score0.00101EPSS

Positive Technologies•added 2021/03/26 12:0 a.m.•4 views

PT-2021-17831 · Ca · Ca Ehealth Performance Manager

Name of the Vulnerable Software and Affected Versions: CA eHealth Performance Manager versions through 6.3.2.12 Description: The issue is related to Privilege Escalation via a Dynamically Linked Shared Object Library. A regular user can create a malicious library in the writable RPATH, which will...

7.8CVSS7AI score0.00101EPSS

Exploits1References5

Fedora•added 2018/07/29 2:19 a.m.•22 views

[SECURITY] Fedora 27 Update: libpng10-1.0.69-5.fc27

The libpng10 package contains an old version of libpng, a library of functi ons for creating and manipulating PNG Portable Network Graphics image format files. This package is needed if you want to run binaries that were linked dynamic ally with libpng 1.0.x...

6.5CVSS3AI score0.03717EPSS

OpenVAS•added 2015/09/29 12:0 a.m.•15 views

Gentoo Security Advisory GLSA 201401-29

Gentoo Linux Local Security Checks GLSA 201401-29 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

6.9CVSS5AI score0.00143EPSS

OpenVAS•added 2015/09/29 12:0 a.m.•20 views

Gentoo Security Advisory GLSA 201401-28

Gentoo Linux Local Security Checks GLSA 201401-28 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

6.9CVSS5AI score0.00347EPSS

Exploits0References1

seebug.org•added 2014/07/01 12:0 a.m.•14 views

SunOS <= 4.1.3 LD_LIBRARY_PATH and LD_OPTIONS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/43/info There exists a vulnerability involving environment variables and setuid/setgid programs under SunOS 4.0 and higher. A dynamically-linked program that is invoked by a setuid/setgid program has access to the caller'...

7.1AI score

Gentoo Linux•added 2014/01/26 12:0 a.m.•26 views

GNU TeXmacs: Privilege escalation

Background GNU TeXmacs is a free WYSIWYG editing platform with special features for scientists. Description The texmacs and tmmupadhelp scripts in TeXmacs place a zero-length directory name in the LDLIBRARYPATH, which might result in the current working directory . to be included when searching f...

6.9CVSS6.2AI score0.00046EPSS

Exploits1

securityvulns•added 2013/08/12 12:0 a.m.•34 views

Two Vulnerabilities in NetworkMiner : DLL Hijacking + Directory Traversal

Security Advisory ID: NETRESEC-1386968 http://netresec.com/?b=1386968 NetworkMiner version 1.4.1 and older is vulnerable to DLL hijacking and contains a directory traversal vulnerability. ==Description== NetworkMiner is a tool designed for network forensics and network security monitoring. It is...

7.9AI score