Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-28931

Malware in sbrugna...

8.4CVSS7.6AI score0.00277EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-19635

Malicious code in bioql PyPI...

7.8CVSS6.7AI score0.00182EPSS
Exploits0References1
OSV
OSV
added 2024/05/22 6:15 p.m.3 views

CVE-2024-20360

A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface does not adequately...

8.8CVSS6.1AI score0.00836EPSS
Exploits0References1
NVD
NVD
added 2023/02/07 10:15 a.m.32 views

CVE-2022-31254

A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the rmt user to escalate to...

7.8CVSS7.5AI score0.00248EPSS
Exploits1References1
Prion
Prion
added 2023/02/07 10:15 a.m.21 views

Design/Logic Flaw

A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the rmt user to escalate to...

4.3CVSS7.5AI score0.00248EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/02/07 12:0 a.m.37 views

CVE-2022-31254 rmt-server-pubcloud allows to escalate from user _rmt to root

A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the rmt user to escalate to...

7.8CVSS7.7AI score0.00248EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2022/09/07 9:15 a.m.24 views

CVE-2022-31251

A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3...

6.5CVSS6.6AI score0.00203EPSS
Exploits1References2
NVD
NVD
added 2022/01/26 9:15 a.m.26 views

CVE-2022-21944

A UNIX Symbolic Link Symlink Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local attackers to escalate to root. This issue affects: openSUSE Backports SLE-15-SP3 watchman versions prior to 4.9.0. openSUSE Factory watchman version...

7.8CVSS0.00287EPSS
Exploits0References1
NVD
NVD
added 2021/04/14 3:15 p.m.20 views

CVE-2021-25314

A Creation of Temporary File With Insecure Permissions vulnerability in hawk2 of SUSE Linux Enterprise High Availability 12-SP3, SUSE Linux Enterprise High Availability 12-SP5, SUSE Linux Enterprise High Availability 15-SP2 allows local attackers to escalate to root. This issue affects: SUSE Linu...

7.8CVSS0.00378EPSS
Exploits1References1
NVD
NVD
added 2020/11/02 9:15 p.m.21 views

CVE-2020-28046

An issue was discovered in ProlinOS through 2.4.161.8859R. An attacker with local code execution privileges as a normal user MAINAPP can escalate to root privileges by exploiting the setuid installation of the xtables-multi binary and leveraging the ip6tables --modprobe switch...

7.8CVSS7.9AI score0.00491EPSS
Exploits1References1
NVD
NVD
added 2019/11/04 4:15 p.m.19 views

CVE-2019-18684

Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write "ALL ALL=ALL NOPASSWD:ALL" to...

7CVSS6.9AI score0.00294EPSS
Exploits1References1
Prion
Prion
added 2019/11/04 4:15 p.m.19 views

Race condition

DISPUTED Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write "ALL ALL=ALL NOPASSWD:ALL" t...

6.9CVSS6.8AI score0.00294EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2019/04/18 10:29 p.m.14 views

CVE-2019-9160

WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a backdoor account allowing a remote attacker to login to the system via SSH on TCP port 22345 and escalate to root because the password for root is the WebUI admin password concatenated with a static string...

10CVSS9.7AI score0.03185EPSS
Exploits0References1
Prion
Prion
added 2017/11/16 3:29 p.m.21 views

Design/Logic Flaw

If HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion 5.0.3 is installed but VMware Fusion is not, a local attacker can create a fake application directory and exploit the suid sudo helper in order to escalate to root...

7.2CVSS7.5AI score0.00984EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2017/11/16 3:0 p.m.30 views

CVE-2017-16777

If HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion 5.0.3 is installed but VMware Fusion is not, a local attacker can create a fake application directory and exploit the suid sudo helper in order to escalate to root...

7.6AI score0.00984EPSS
Exploits3References2
NVD
NVD
added 2017/10/31 6:29 p.m.25 views

CVE-2017-15884

In HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion 5.0.0, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges...

7CVSS6.9AI score0.00902EPSS
Exploits3References2
Packet Storm
Packet Storm
added 2013/10/15 12:0 a.m.18 views

PineApp Mail-Secure Command Execution

pineapp makes an anti-spam product, which can be downloaded for vmware, etc. the security of the product is a fucking joke, containing everything from authentication bypass to root exploits. there is really no hope, the developers didnt even try. they can patch those specific vulnerabilities, but...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/12/04 12:0 a.m.34 views

unixware.auto.txt

Greetings, OVERVIEW Although UnixWare's /usr/X/bin/xauto is NOT suid/sgid, we can still overf= low a buffer within it and gain root privileges. BACKGROUND Only tested UnixWare 7.1, all other UnixWares should be assumed vulnerabl= e. DETAILS xauto is mode 755, root/sys and yet we can still use a...

7.4AI score
Exploits0
Rows per page
Query Builder