CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

Tenable Nessus•added 2026/01/15 12:0 a.m.•1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001876)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001876 advisory. The roserecvmsg function in net/rose/afrose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain...

4.9CVSS6.5AI score0.00072EPSS

Exploits0References14

Tenable Nessus•added 2026/01/15 12:0 a.m.•0 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002184)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002184 advisory. The dgramrecvmsg function in net/ieee802154/dgram.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structu...

4.9CVSS6.9AI score0.00029EPSS

Exploits0References22

Tenable Nessus•added 2026/01/15 12:0 a.m.•1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002467)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002467 advisory. Off-by-one error in the bpfjitcompile function in arch/x86/net/bpfjitcomp.c in the Linux kernel before 3.1.8, when BPF JIT is enabled, allows local users to cause a...

4.6CVSS5.4AI score0.00129EPSS

Exploits0References7

Tenable Nessus•added 2025/10/24 12:0 a.m.•1 views

EulerOS 2.0 SP13 : pam (EulerOS-SA-2025-2273)

According to the versions of the pam packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevat...

7.8CVSS7.5AI score0.00072EPSS

Exploits0References2

SUSE CVE•added 2023/06/27 1:41 a.m.•1 views

SUSE CVE-2016-2856

ptchown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10...

8.4CVSS6.8AI score0.00684EPSS

Exploits2References3

SUSE CVE•added 2023/02/15 5:44 a.m.•2 views

SUSE CVE-2012-4530

The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

2.1CVSS5.9AI score0.00579EPSS

Exploits1References9

NVD•added 2017/08/24 8:29 p.m.•7 views

CVE-2015-8308

LXDM before 0.5.2 did not start X server with -auth, which allows local users to bypass authentication with X connections...

7.8CVSS7.7AI score0.00148EPSS

Exploits0References2

Prion•added 2013/03/01 5:40 a.m.•20 views

Code injection

modules/certs/manifests/config.pp in katello-configure before 1.3.3.pulpv2 in Katello uses weak permissions 666 for the Candlepin bootstrap RPM, which allows local users to modify the Candlepin CA certificate by writing to this file...

2.1CVSS6.6AI score0.0007EPSS

Exploits0References5Affected Software1

OSV•added 2012/12/20 12:2 p.m.•0 views

UBUNTU-CVE-2012-5638

The setuplogging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content or bypass intended disk-quota restrictions via standard filesystem write operations...

3.6CVSS7.2AI score0.00041EPSS

Exploits0References3

RedHat Linux•added 2010/11/16 5:51 p.m.•3 views

pam: pam_env and pam_mail accessing users' file with root privileges

The 1 pamenv and 2 pammail modules in Linux-PAM aka pam before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a...

4.7CVSS5.8AI score0.00087EPSS

Exploits0References4

RedHat Linux•added 2009/01/08 3:47 p.m.•1 views

kernel: missing capability checks in sbni_ioctl()

The sbniioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAPNETADMIN capability before processing a 1 SIOCDEVRESINSTATS, 2 SIOCDEVSHWSTATE, 3 SIOCDEVENSLAVE, or 4 SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass...

7.2CVSS7.1AI score0.00061EPSS

Exploits0References4

Prion•added 2007/12/18 12:46 a.m.•17 views

Default credentials

The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by listing the process and its arguments...

2.1CVSS6.6AI score0.00052EPSS

Exploits0References5

Cvelist•added 2005/05/10 4:0 a.m.•11 views

CVE-2002-1659

userprofile.asp in PortalApp 2.2 allows local users to gain privileges by modifying the userid variable...

6.5AI score0.00435EPSS

Exploits1References3

UbuntuCve•added 2005/04/10 4:0 a.m.•16 views

CVE-2005-1064

The copysymlink function in rsnapshot 1.2.0 and 1.1.x before 1.1.7 changes the ownership of files that a symlink points to rather than the symlink itself, which allows local users to obtain access to arbitrary files...

4.6CVSS6.1AI score0.00077EPSS

Exploits0References1

RedHat Linux•added 2004/11/12 4:43 p.m.•1 views

security flaw

moddiskcache in Apache 2.0 through 2.0.49 stores client headers, including authentication information, on the hard disk, which could allow local users to gain sensitive information...

2.1CVSS5.8AI score0.00187EPSS

Exploits1References4

Cvelist•added 2003/05/08 4:0 a.m.•9 views

CVE-2003-0261

fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges...

6.5AI score0.00061EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by