17 matches found
EUVD-2025-208368
A low‑privileged local attacker who gains access to the UBR service account e.g., via SSH can escalate privileges to obtain full system access. This is due to the service account being permitted to execute certain binaries e.g., tcpdump and ip with sudo...
EUVD-2018-7205
Malware in sbrugna...
EUVD-2022-28487
Malicious code in bioql PyPI...
CVE-2022-23410
AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same...
PT-2024-11204 · Unknown · Net::Ipaddress::Util
Name of the Vulnerable Software and Affected Versions: Net::IPAddress::Util versions prior to 5.000 Description: The issue arises from the Net::IPAddress::Util module not properly handling extraneous zero characters in IP address strings. This can lead to attackers bypassing access control based ...
CVE-2022-20399
In the SEPolicy configuration of system apps, there is a possible access to the 'ip' utility due to an insecure default value. This could lead to local information disclosure of network data with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20399
In the SEPolicy configuration of system apps, there is a possible access to the 'ip' utility due to an insecure default value. This could lead to local information disclosure of network data with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
Information disclosure
In the SEPolicy configuration of system apps, there is a possible access to the 'ip' utility due to an insecure default value. This could lead to local information disclosure of network data with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20399
CVE-2022-20399 concerns the SEPolicy configuration in Android system apps, where an insecure default value allows access to the non-setuid ip utility. The resulting impact is local information disclosure of network data without extra privileges or user interaction. Documents consistently tie this...
CVE-2022-23410
AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same...
CVE-2022-23410
AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same...
CVE-2022-23410
AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same...
Remote code execution
AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same...
CVE-2022-23410
AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same...
CVE-2022-23410
AXIS IP Utility prior to 4.18.0 is affected by a DLL hijacking issue that enables remote code execution and local privilege escalation. IPUtility.exe loads DLLs from its current working directory, so placing a compromised DLL in that folder could trigger exploitation. Affected version range: befo...
AXIS IP Utility 代码问题漏洞
Axis Ip Utility is used by Axis of Sweden to help set the Ip address of Axis network video products. AXIS IP Utility has a code issue vulnerability that stems from AXIS IP Utility allowing remote code execution and local privilege escalation via DLL hijacking...
Kernel update: Virtuozzo ReadyKernel patch 50.0 for Virtuozzo 7.0.3 to 7.0.7 HF2
The cumulative Virtuozzo ReadyKernel patch was updated with a stability fix. The patch applies to all supported Virtuozzo 7.0 kernels. Vulnerability id: PSBM-84191 It was discovered that the newer versions of ip utility 4.11.0, for example may hang in netlinkrecvmsg when running on the kernel...