CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

142 matches found

Cvelist•added 2004/09/01 4:0 a.m.•15 views

CVE-2002-1239

QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and execute the cp program while operating at raised privileges, which allows local users to gain privileges by modifying the PATH to point to a malicious cp program...

6.7AI score0.00397EPSS

Exploits1References5

NVD•added 2003/12/31 5:0 a.m.•11 views

CVE-2003-1358

rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program...

7.2CVSS6.8AI score0.00806EPSS

Exploits1References5

NVD•added 2003/12/31 5:0 a.m.•12 views

CVE-2003-1167

misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users to elevate their privileges by modifying the PATH variable to reference a malicious killall program...

7.2CVSS6.2AI score0.00205EPSS

Exploits1References5

FreeBSD•added 2003/10/28 12:0 a.m.•22 views

kpopup -- local root exploit and local denial of service

Mitre CVE reports: Format string vulnerability in main.cpp in kpopup 0.9.1-0.9.5pre2 allows local users to cause a denial of service segmentation fault and possibly execute arbitrary code via format string specifiers in command line arguments. misc.cpp in KPopup 0.9.1 trusts the PATH variable whe...

7.2CVSS6.8AI score0.00205EPSS

Exploits2References2

NVD•added 2003/04/22 4:0 a.m.•10 views

CVE-2002-1469

scponly does not properly verify the path when finding the 1 scp or 2 sftp-server programs, which could allow remote authenticated users to bypass access controls by uploading malicious programs and modifying the PATH variable in $HOME/.ssh/environment to locate those programs...

7.5CVSS6.3AI score0.03646EPSS

Exploits1References4

Cvelist•added 2003/04/15 4:0 a.m.•17 views

CVE-2003-0171

DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program...

7.2AI score0.00132EPSS

Exploits0References2

Cvelist•added 2002/02/02 5:0 a.m.•20 views

CVE-2001-0943

dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the PATH environment variable to find and execute the 1 chown or 2 chgrp commands, which allows local users to execute arbitrary code by modifying the PATH to point to Trojan Horse programs...

6.8AI score0.00799EPSS

Exploits1References4

Cvelist•added 2001/09/12 4:0 a.m.•16 views

CVE-1999-1107

Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable...

6.8AI score0.00063EPSS

Exploits0References2

NVD•added 2001/02/12 5:0 a.m.•8 views

CVE-2001-0087

itetris/xitetris 1.6.2 and earlier trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program...

7.2CVSS6.7AI score0.0014EPSS

Exploits1References3

exploitpack•added 2000/08/02 12:0 a.m.•29 views

Tech-Source Raptor GFX PGX32 2.3.1 - Config Tool

Tech-Source Raptor GFX PGX32 2.3.1 - Config Tool source: https://www.securityfocus.com/bid/1563/info Raptor GFX cards are designed to handle 24-bit true color applications such as Netscape, seismic, geographical information systems GIS, satellite imaging, pre-press imaging and general desktop use...

0.3AI score

Exploits0

Exploit DB•added 2000/08/02 12:0 a.m.•32 views

Tech-Source Raptor GFX PGX32 2.3.1 - Config Tool

source: https://www.securityfocus.com/bid/1563/info Raptor GFX cards are designed to handle 24-bit true color applications such as Netscape, seismic, geographical information systems GIS, satellite imaging, pre-press imaging and general desktop use. They can also be used for high resolution 8-bit...

7.4AI score

Exploits0

Cvelist•added 2000/07/12 4:0 a.m.•19 views

CVE-1999-0820

FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands...

6.7AI score0.00904EPSS

Exploits0References2

CVE•added 2000/07/12 4:0 a.m.•48 views

CVE-1999-0820

The CVE-1999-0820 issue affects FreeBSD seyon, where a user can gain privileges by manipulating the PATH environment variable to influence the search order for the xterm and seyon-emu commands. Root cause is PATH-based command resolution allowing local privilege escalation. The available document...

4.6CVSS7.1AI score0.00904EPSS

Exploits0References2Affected Software1

CVE•added 2000/01/04 5:0 a.m.•59 views

CVE-1999-0690

Technical details about CVE-1999-0690 are not publicly provided in the supplied documents; monitor for updates.

7.2CVSS7AI score0.00052EPSS

Exploits0References2Affected Software1

Cvelist•added 2000/01/04 5:0 a.m.•21 views

CVE-1999-0690

HP CDE program includes the current directory in root's PATH variable...

6.5AI score0.00052EPSS

Exploits0References2

Cvelist•added 2000/01/04 5:0 a.m.•19 views

CVE-1999-0706

Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables...

6.6AI score0.00862EPSS

Exploits0References1

NVD•added 1999/12/29 5:0 a.m.•9 views

CVE-2000-0009

The bnapass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands...

7.2CVSS7AI score0.0027EPSS

Exploits0References1

NVD•added 1999/12/01 5:0 a.m.•17 views

CVE-1999-0820

FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands...

4.6CVSS6.7AI score0.00904EPSS

Exploits0References2

Cvelist•added 1999/09/29 4:0 a.m.•12 views

CVE-1999-0388

DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root...

6.8AI score0.00239EPSS

Exploits0References1