PT-2026-42117

Name of the Vulnerable Software and Affected Versions haveged affected versions not specified Description A privilege escalation issue exists via the command socket. The software verifies the connecting peer's user ID using SO PEERCRED and sends a NAK response to non-root callers. However,...

NetworkManager: NetworkManager File Access

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added t...

NetworkManager: NetworkManager File Access

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added t...

OESA-2026-1571 NetworkManager security update

NetworkManager attempts to keep an active network connection available at all times. The point of NetworkManager is to make networking configuration and setup as painless and automatic as possible. If using DHCP, NetworkManager is intended to replace default routes, obtain IP addresses from a DHC...

SUSE CVE-2025-9615

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added t...

CVE-2025-9615

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added t...

CVE-2025-9615

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added t...

CVE-2025-9615

CVE-2025-9615 affects NetworkManager. A flaw allows non-root users to configure the system network and enables access to files owned by other users, since the NetworkManager daemon runs with root privileges. The result is potential exposure of user-owned files due to misconfigured access to netwo...

CVE-2025-9615

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added t...

CVE-2025-9615 Networkmanager: networkmanager file access

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added t...

NetworkManager security vulnerability

NetworkManager is an open-source network management daemon developed by NetworkManager. NetworkManager has a security vulnerability that allows non-root users to configure the system’s network, potentially leading to access to other users’ files...

CVE-2025-66735

youlai-boot V2.21.1 is vulnerable to Incorrect Access Control. The getRoleForm function in SysRoleController.java does not perform permission checks, which may allow non-root users to directly access root roles...

CVE-2019-17436

A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and earlier and version 4.1.12 and earlier, that can allow non-root users to overwrite root files on the file system...

Do Not Allow Non-root Users with UID 0

The user with UID 0 is the super administrator user in the Linux system. By convention, the user name is root. The UID of a non-root user cannot be 0. If the UID of the root user is changed to another value and the UID of another user for example, the test user is changed to 0, the test user is...

CentOS 7 : podman (RHSA-2021:0681)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0681 advisory. - A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be...

UBUNTU-CVE-2023-34059

open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs...

Oracle Linux 7 : fuse (ELSA-2020-5773)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5773 advisory. - Security Update based on ELSA-2018-3324 fuse: bypass of the 'userallowother' restriction when SELinux is active. OraBugzilla: 43547CVE-2018-10906 Lans Hung...

CVE-2022-45461

The Java Admin Console in Veritas NetBackup through 10.1 and related Veritas products on Linux and UNIX allows authenticated non-root users that have been explicitly added to the auth.conf file to execute arbitrary commands as root...

CVE-2022-45461

Summary of CVE-2022-45461 (Veritas NetBackup) : The issue affects the Java Admin Console in Veritas NetBackup (through version 10.1) on Linux/UNIX. Authentication by non-root users who are added to auth.conf may lead to arbitrary commands being executed as root, due to failure to neutralize speci...

Security Bulletin: Two unauthorized access vulnerabilities in IBM TSM for Space Management (CVE-2012-4859 and CVE-2012-5954).

Abstract Unauthorized access vulnerabilities exist in IBM Tivoli Storage Manager TSM for Space Management HSM Content VULNERABILITY DETAILS: CVE ID: CVE-2012-4859 Description: A local unauthorized malicious user can access and manipulate all file system objects on affected systems. Internal APAR...