EUVD-2025-206374

With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and...

EUVD-1999-0409

Malware in sbrugna...

EUVD-2017-15761

Malware in sbrugna...

EUVD-2014-3403

Malware in sbrugna...

CVE-2023-36650

A missing integrity check in the update system in ProLion CryptoSpike 3.0.15P2 allows attackers to execute OS commands as the root Linux user on the host system via forged update packages...

Nagios XI Magpie_debug.php Root Remote Code Execution Exploit

This Metasploit module exploits two vulnerabilities in Nagios XI 5.5.6. One allows for unauthenticated remote code execution and another allows for local privilege escalation. When combined, these two vulnerabilities give us a root reverse shell. This module requires Metasploit:...

CVE-2016-1418

Cisco Aironet Access Point Software 8.2100.0 on 1830e, 1830i, 1850e, 1850i, 2800, and 3800 access points allows local users to obtain Linux root access via crafted CLI command parameters, aka Bug ID CSCuy64037...

Code injection

Cisco Aironet Access Point Software 8.2100.0 on 1830e, 1830i, 1850e, 1850i, 2800, and 3800 access points allows local users to obtain Linux root access via crafted CLI command parameters, aka Bug ID CSCuy64037...

CVE-2016-1418

Cisco Aironet Access Point Software 8.2100.0 on 1830e, 1830i, 1850e, 1850i, 2800, and 3800 access points allows local users to obtain Linux root access via crafted CLI command parameters, aka Bug ID CSCuy64037...

CVE-2014-7990

Cisco IOS XE 3.5E and earlier on WS-C3850, WS-C3860, and AIR-CT5760 devices does not properly parse the "request system shell" challenge response, which allows local users to obtain Linux root access by leveraging administrative privilege, aka Bug ID CSCur09815...

Command injection

Cisco IOS XE 3.5E and earlier on WS-C3850, WS-C3860, and AIR-CT5760 devices does not properly parse the "request system shell" challenge response, which allows local users to obtain Linux root access by leveraging administrative privilege, aka Bug ID CSCur09815...

CVE-2014-3390

The Virtual Network Management Center VNMC policy implementation in Cisco ASA Software 8.7 before 8.71.14, 9.2 before 9.22.8, and 9.3 before 9.31.1 allows local users to obtain Linux root access by leveraging administrative privileges and executing a crafted script, aka Bug IDs CSCuq41510 and...

Design/Logic Flaw

The Virtual Network Management Center VNMC policy implementation in Cisco ASA Software 8.7 before 8.71.14, 9.2 before 9.22.8, and 9.3 before 9.31.1 allows local users to obtain Linux root access by leveraging administrative privileges and executing a crafted script, aka Bug IDs CSCuq41510 and...

CVE-2014-3390

The Virtual Network Management Center VNMC policy implementation in Cisco ASA Software 8.7 before 8.71.14, 9.2 before 9.22.8, and 9.3 before 9.31.1 allows local users to obtain Linux root access by leveraging administrative privileges and executing a crafted script, aka Bug IDs CSCuq41510 and...

CVE-2014-3390

CVE-2014-3390 affects Cisco ASA with VNMC policy code. Authenticated, local attackers can exploit insufficient input sanitization in the VNMC policy to gain the root shell on the underlying Linux system. Affected software versions are Cisco ASA 8.7 prior to 8.7(1.14), 9.2 prior to 9.2(2.8), and 9...

Xmame 0.102 - '-pb/-lang/-rec' Local Buffer Overflow

/ xmame-expl.c by sj [email protected] On 20th of Jan it came to my attention that Xmame suffered from several buffer overflow problems. Thinking this issue was resolved, I installed Xmame on my Ubuntu laptop, from the Ubuntu repositories which installed a vulnerable version of Xmame. This is what...