13 matches found
CVE-2026-6737
An Exposed IOCTL with Insufficient Access Control vulnerability in AsusPTPFilter allows a local user to bypass driver security mechanisms and obtain restricted touchpad information or render the touchpad unusable via crafted IOCTL requests.Refer to the ' Security Update for ASUS Precision...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001070)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001070 advisory. nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, an...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001928)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001928 advisory. Use-after-free vulnerability in net/unix/afunix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AFUNIX socket permissions or cause a denial ...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003229)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003229 advisory. The doshmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local use...
Linux Distros Unpatched Vulnerability : CVE-2014-0181
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket,...
CVE-2018-8885
screenresolution-mechanism in screen-resolution-extra 0.17.2 does not properly use the PolicyKit D-Bus API, which allows local users to bypass intended access restrictions by leveraging a race condition via a setuid or pkexec process that is mishandled in a PolicyKitService.checkpermission call...
DEBIAN-CVE-2017-17448
net/netfilter/nfnetlinkcthelper.c in the Linux kernel through 4.14.4 does not require the CAPNETADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnlcthelperlist data structure is shared across all net namespaces...
Huawei HwVmall Local Security Bypass Vulnerability
Huawei HwVmall is a set of e-commerce platform for national service. A security vulnerability exists in the AlarmService service component in Huawei HwVmall versions prior to 1.5.2.0. The vulnerability stems from the fact that the program does not have invocation privilege control, and can be...
Kernel: AACRAID Driver compat IOCTL missing capability check
The aaccompatioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAPSYSRAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call...
DEBIAN-CVE-2013-4325
The checkpermissionv1 function in base/pkit.py in HP Linux Imaging and Printing HPLIP through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race conditio...
kernel: ecryptfs: mount source TOCTOU race
Race condition in the ecryptfsmount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfsprivate mount with a mismatched uid...
kernel: missing capability checks in sbni_ioctl()
The sbniioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAPNETADMIN capability before processing a 1 SIOCDEVRESINSTATS, 2 SIOCDEVSHWSTATE, 3 SIOCDEVENSLAVE, or 4 SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass...
CVE-2008-4097
MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified 1 DATA DIRECTORY or 2 INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed wh...