Lucene search
K

5 matches found

OSV
OSV
added 2026/04/14 12:13 a.m.2 views

CVE-2026-39420 MaxKB: Sandbox escape via LD_PRELOAD bypass

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an incomplete sandbox protection mechanism allows an authenticated user with tool execution privileges to escape the LDPRELOAD-based sandbox. By env command the attacker can clear the environment variables and drop...

6.3CVSS6.5AI score0.00485EPSS
Exploits0References5
OSV
OSV
added 2020/11/02 9:15 p.m.4 views

CVE-2020-28045

An unsigned-library issue was discovered in ProlinOS through 2.4.161.8859R. This OS requires installed applications and all system binaries to be signed either by the manufacturer or by the Point Of Sale application developer and distributor. The signature is a 2048-byte RSA signature verified in...

7.8CVSS7.1AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2011/04/04 8:17 p.m.9 views

glibc: ld.so insecure handling of privileged programs' RPATHs with $ORIGIN

ld.so in the GNU C Library aka glibc or libc6 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a 1 setuid or 2 setgid program with this RPA...

3.7CVSS6.2AI score0.00311EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/04/04 8:1 p.m.5 views

glibc: ld.so insecure handling of privileged programs' RPATHs with $ORIGIN

ld.so in the GNU C Library aka glibc or libc6 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a 1 setuid or 2 setgid program with this RPA...

3.7CVSS6.2AI score0.00311EPSS
Exploits0References4
OSV
OSV
added 2006/04/06 10:4 p.m.1 views

DEBIAN-CVE-2006-1629

OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LDPRELOAD environment variable...

9CVSS8.1AI score0.03021EPSS
Exploits0References1
Rows per page
Query Builder