CVE-2026-3587

An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device...

EUVD-1999-0826

Malware in sbrugna...

CVE-2024-26002

An improper input validation in the Qualcom plctool allows a local attacker with low privileges to gain root access by changing the ownership of specific files...

CVE-2021-3621

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest...

SUSE: Security Advisory (SUSE-SU-2017:2142-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-3029

EVOLUCARE ECSIMAGING aka ECS Imaging through 6.21.5 has an OS Command Injection vulnerability via shell metacharacters and an IFS manipulation. The parameter "file" on the webpage /showfile.php can be exploited to gain root access. NOTE: This vulnerability only affects products that are no longer...

Spoofing

In NETGEAR Nighthawk X10-R9000 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC. Although this requires QoS being enabled, advanced QoS being enabled...

Linux Kernel 2.6.32-642 / 3.16.0-4 - 'inode' Integer Overflow Exploit

Exploit for linux platform in category dos / poc / Linux Kernel 2.6.32-642 / 3.16.0-4 'inode' Integer Overflow PoC The inode is a data structure in a Unix-style file system which describes a filesystem object such as a file or a directory. Each inode stores the attributes and disk block locations...

Linux Kernel 2.6.32-6423.16.0-4 - inode Integer Overflow

Linux Kernel 2.6.32-6423.16.0-4 - inode Integer Overflow / Linux Kernel 2.6.32-642 / 3.16.0-4 'inode' Integer Overflow PoC The inode is a data structure in a Unix-style file system which describes a filesystem object such as a file or a directory. Each inode stores the attributes and disk block...

Important: Red Hat Security Advisory: pacemaker security update

An update for pacemaker is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

chkrootkit LTS security update

Package : chkrootkit Version : 0.49-4+deb6u1 CVE ID : CVE-2014-0476 Thomas Stangner discovered a vulnerability in chkrootkit, a rootkit detector, which may allow local attackers to gain root access when /tmp is mounted without the noexec option...

Smartphone Pentest Framework - Multiple Remote Command Execution Vulnerabilities

source: https://www.securityfocus.com/bid/56881/info Smartphone Pentest Framework is prone to multiple remote command-execution vulnerabilities. Remote attackers can exploit these issues to execute arbitrary commands within the context of the vulnerable application to gain root access. This may...

Mandrake Linux Security Advisory : inn (MDKSA-2000:023)

A vulnerability exists when verifycancels is enabled in /etc/news/inn.conf. This vulnerability could be used to gain root access on any system with inn installed. This new version also does not install inews as setgid news or rnews as setuid root. Many other security paranoia fixes have been made...

Solaris 10.x ESRI Arcgis Local Root Format String Exploit

No description provided by source. / ESRI 9.x Arcgis local root format string exploit Copyright Kevin Finisterre and John H. Bug found by Kevin Finisterre [email protected] Exploit by John H. [email protected] We overwrite the thrjmptable Tested on solaris 10 / include dlfcn.h includ...

SUSE-SA:2006:016: xorg-x11-server

The remote host is missing the patch for the advisory SUSE-SA:2006:016 xorg-x11-server. A programming flaw in the X.Org X Server allows local attackers to gain root access when the server is setuid root, as is the default in SUSE Linux 10.0. This flaw was spotted by the Coverity project. Only SUS...

OpenSSH Channel Code Off by 1

You are running a version of OpenSSH which is older than 3.1. SPDX-FileCopyrightText: 2002 Thomas Reinke Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openbsd:openssh";...

Debian DSA-815-1 : kdebase - programming error

Ilja van Sprundel discovered a serious lock file handling error in kcheckpass that can, in some configurations, be used to gain root access. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

CVE-2001-1063

CVE-2001-1063 describes a local privilege-elevation in Caldera OpenUnix 8.0.0 and UnixWare 7 via a buffer overflow in the uidadmin utility. An overly long -S (scheme) command line argument can overflow a buffer, allowing a local user to gain root privileges. The vulnerability affects the uidadmin...