26 matches found
EUVD-2018-3791
Malware in sbrugna...
EUVD-2019-15044
Malware in sbrugna...
EUVD-2008-3450
Malware in sbrugna...
EUVD-2024-30309
Malicious code in bioql PyPI...
CVE-2025-49012
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Himmelblau versions 0.9.0 through 0.9.14 and 1.00-alpha are vulnerable to a privilege escalation issue when Entra ID group-based access restrictions are configured using group display names instead of object IDs...
PT-2025-23660 · Samsung · Exynos
Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor Exynos versions 980, 990, 1080, 2100, 1280, 2200, 1380. Description: A Use-After-Free issue in the mobile processor leads to privilege escalation. Recommendations: For Samsung Mobile Processor Exynos versions 980, 990,...
openSUSE Security Advisory (SUSE-SU-2025:01759-1)
The remote host is missing an update for the...
RockyLinux 8 : .NET 8.0 (RLSA-2025:2670)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:2670 advisory. dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method CVE-2025-24070 Bug Fixes and Enhancements: dotnet: Privilege Escalation...
Openshift Hive Exposes VCenter Credentials via ClusterProvision
A flaw was found in Hive, a component of Multicluster Engine (MCE) and Advanced Cluster Management (ACM). This vulnerability causes VCenter credentials to be exposed in the ClusterProvision object after provisioning a VSphere cluster. Users with read access to ClusterProvision objects can extract...
CVE-2024-55215
CVE-2024-55215 affects trojan versions 2.0.0 through 2.15.3. A remote attacker can escalate privileges via the initialization interface /auth/register. The root cause is unsanitized user input for the line parameter in the /trojan/log endpoint, which is concatenated into a shell command, enabling...
SUSE-SU-2024:3791-1 Security update for xwayland
This update for xwayland fixes the following issues: - CVE-2024-9632: Fixed heap-based buffer overflow privilege escalation in XkbSetCompatMap (bsc#1231565)...
SUSE-SU-2023:4228-1 Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: - CVE-2023-34058: Fixed a SAML token signature bypass issue (bsc#1216432). - CVE-2023-34059: Fixed a privilege escalation issue through vmware-user-suid-wrapper (bsc#1216433)...
SUSE-SU-2023:4227-1 Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: - CVE-2023-34058: Fixed a SAML token signature bypass issue (bsc#1216432). - CVE-2023-34059: Fixed a privilege escalation issue through vmware-user-suid-wrapper (bsc#1216433)...
PT-2023-28196 · Sielco · Analog Fm Transmitter +12
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The application suffers from a privilege escalation issue. A user with read permissions can elevate privileges by sending a HTTP POST to set a parameter...
PT-2023-23771 · Apple · Ipados +6
Name of the Vulnerable Software and Affected Versions: Xcode versions prior to 15; tvOS versions prior to 17; watchOS versions prior to 10; iOS versions prior to 17; iPadOS versions prior to 17; macOS Sonoma versions prior to 14. Description: The issue allows an app to potentially gain elevated...
F5 Big-IP Create Administrative User Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'unixcrypt' class MetasploitModule 'F5 Big-IP Create Admin User', 'Description' = %q This creates a local user with a username/password and root-level privileges...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2022:2177-1 Rating: important References: 1055117 1061840 1065729 1103269 1118212 1153274 1154353 1156395 1158266 1167773 1176447 1177282 1178134 1180100 1183405 1188885 1195826 1196426 1196478 1196570...
SUSE-SU-2021:3951-1 Security update for openssh
This update for openssh fixes the following issues: - CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured (bsc#1190975)...
PT-2021-4805
Name of the Vulnerable Software and Affected Versions: Microsoft Windows Server versions prior to the fixed version; Microsoft Active Directory Domain Services (affected versions not specified). Description: The issue is related to insecure privilege management in Active Directory Domain Services,...
SUSE-SU-2018:0265-1 Security update for the Linux Kernel (Live Patch 19 for SLE 12)
This update for the Linux Kernel 3.12.61-5266 fixes one issue. The following security issues were fixed: - CVE-2017-15868: The bnep_add_connection function in net/bluetooth/bnep/core.c did not ensure that an l2cap socket is available, which allowed local users to gain privileges via a crafted...