Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

109 matches found

CVE
CVEadded 2004/12/22 5:0 a.m.58 views

CVE-2004-1054

CVE-2004-1054 – IBM AIX invscout Local Command Execution involves a local privilege escalation in invscout on AIX 5.1.0/5.2.0/5.3.0 where an untrusted PATH can cause a malicious binary named ‘uname’ to be used by lsvpd, allowing an attacker to gain root. The attack relies on not dropping privileg...

7.2CVSS6.4AI score0.0036EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2004/12/22 5:0 a.m.31 views

CVE-2004-1028

Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod...

6.8AI score0.00046EPSS
Exploits0References5
NVD
NVDadded 2004/09/13 4:0 a.m.5 views

CVE-2004-1683

A race condition in crrtrap for QNX RTP 6.1 allows local users to gain privileges by modifying the PATH environment variable to reference a malicious io-graphics program before is executed by crrtrap...

3.7CVSS6.5AI score0.00066EPSS
Exploits0References3
NVD
NVDadded 2003/05/05 4:0 a.m.16 views

CVE-2003-0171

DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program...

7.2CVSS7.2AI score0.00132EPSS
Exploits0References2
CVE
CVEadded 2003/04/15 4:0 a.m.60 views

CVE-2003-0171

Summary (CVE-2003-0171) : Mac OS X DirectoryService is vulnerable because it uses system(2) to run touch(1) without a full path, allowing a local attacker to alter PATH and execute a malicious touch as root. This can lead to privilege escalation and DoS. The attack is mediated by terminating Dire...

7.2CVSS7.2AI score0.00132EPSS
Exploits0References2Affected Software2
Cvelist
Cvelistadded 2001/09/12 4:0 a.m.15 views

CVE-1999-1232

Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program...

7.2AI score0.00096EPSS
Exploits0References3
NVD
NVDadded 2001/08/31 4:0 a.m.20 views

CVE-2001-0943

dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the PATH environment variable to find and execute the 1 chown or 2 chgrp commands, which allows local users to execute arbitrary code by modifying the PATH to point to Trojan Horse programs...

7.2CVSS6.8AI score0.00799EPSS
Exploits1References4
CVE
CVEadded 1999/09/29 4:0 a.m.50 views

CVE-1999-0388

DataLynx suGuard (DataLynx) is affected: it trusts the PATH environment variable to execute the ps command, enabling a local user to run commands with root privileges. Root cause: use of PATH for command execution without proper validation. Impact: local privilege escalation to root as described ...

4.6CVSS7.2AI score0.00239EPSS
Exploits0References1Affected Software1
NVD
NVDadded 1999/01/01 5:0 a.m.6 views

CVE-1999-0388

DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root...

4.6CVSS6.8AI score0.00239EPSS
Exploits0References1
Rows per page
Query Builder