Lucene search
K

13 matches found

Vulnrichment
Vulnrichment
added 2026/05/08 2:0 a.m.6 views

CVE-2026-6737

An Exposed IOCTL with Insufficient Access Control vulnerability in AsusPTPFilter allows a local user to bypass driver security mechanisms and obtain restricted touchpad information or render the touchpad unusable via crafted IOCTL requests.Refer to the ' Security Update for ASUS Precision...

2CVSS5.8AI score0.00092EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001070)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001070 advisory. nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, an...

5.5CVSS7.1AI score0.00364EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001928)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001928 advisory. Use-after-free vulnerability in net/unix/afunix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AFUNIX socket permissions or cause a denial ...

5.4CVSS6.5AI score0.00625EPSS
Exploits1References56
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003229)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003229 advisory. The doshmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local use...

7.8CVSS6.6AI score0.004EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2014-0181

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket,...

2.1CVSS6.4AI score0.00538EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2018/03/28 8:29 p.m.2 views

CVE-2018-8885

screenresolution-mechanism in screen-resolution-extra 0.17.2 does not properly use the PolicyKit D-Bus API, which allows local users to bypass intended access restrictions by leveraging a race condition via a setuid or pkexec process that is mishandled in a PolicyKitService.checkpermission call...

7CVSS5.5AI score0.00219EPSS
Exploits0References3
OSV
OSV
added 2017/12/07 12:29 a.m.5 views

DEBIAN-CVE-2017-17448

net/netfilter/nfnetlinkcthelper.c in the Linux kernel through 4.14.4 does not require the CAPNETADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnlcthelperlist data structure is shared across all net namespaces...

7.8CVSS7.2AI score0.00372EPSS
Exploits0References1
CNVD
CNVD
added 2017/02/10 12:0 a.m.6 views

Huawei HwVmall Local Security Bypass Vulnerability

Huawei HwVmall is a set of e-commerce platform for national service. A security vulnerability exists in the AlarmService service component in Huawei HwVmall versions prior to 1.5.2.0. The vulnerability stems from the fact that the program does not have invocation privilege control, and can be...

4.3CVSS6.8AI score0.00519EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/03/12 6:28 p.m.4 views

Kernel: AACRAID Driver compat IOCTL missing capability check

The aaccompatioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAPSYSRAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call...

6.9CVSS7.1AI score0.0049EPSS
Exploits0References4
OSV
OSV
added 2013/09/23 10:18 a.m.3 views

DEBIAN-CVE-2013-4325

The checkpermissionv1 function in base/pkit.py in HP Linux Imaging and Printing HPLIP through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race conditio...

6.9CVSS6.5AI score0.00419EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2011/10/05 9:37 p.m.6 views

kernel: ecryptfs: mount source TOCTOU race

Race condition in the ecryptfsmount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfsprivate mount with a mismatched uid...

3.3CVSS7.3AI score0.00358EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2008/12/17 3:8 a.m.6 views

kernel: missing capability checks in sbni_ioctl()

The sbniioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAPNETADMIN capability before processing a 1 SIOCDEVRESINSTATS, 2 SIOCDEVSHWSTATE, 3 SIOCDEVENSLAVE, or 4 SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass...

7.2CVSS7.1AI score0.0053EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2008/09/18 3:4 p.m.32 views

CVE-2008-4097

MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified 1 DATA DIRECTORY or 2 INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed wh...

4.6CVSS5.9AI score0.01851EPSS
Exploits0References2
Rows per page
Query Builder