UBUNTU-CVE-2026-8368

LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before issuing the follow-up request. Caller-supplied Authorization and Proxy-Authorization headers are se...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000547)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000547 advisory. The iucvsockrecvmsg function in net/iucv/afiucv.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtai...

CVE-2021-0339

In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Produc...

EUVD-1999-1463

Malware in sbrugna...

EulerOS 2.0 SP11 : screen (EulerOS-SA-2025-1942)

According to the versions of the screen package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.CVE-2025-46802 A minor information...

CVE-2024-30321

A vulnerability has been identified in SIMATIC PCS 7 V9.1 All versions V9.1 SP2 UC05, SIMATIC WinCC Runtime Professional V18 All versions V18 Update 5, SIMATIC WinCC Runtime Professional V19 All versions V19 Update 2, SIMATIC WinCC V7.4 All versions V7.4 SP1 Update 23, SIMATIC WinCC V7.5 All...

IBM DB2 Elevation of Privilege Vulnerability (CNVD-2018-20056)

IBM DB2 is a set of relational database management system from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBM i, z/OS, and Windows server versions. A privilege extraction vulnerability exists in the Administrative Task Scheduler ATS in IBM DB2...

UBUNTU-CVE-2017-7484

It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pgstatistic, possibly leaking information. An unprivileged...

Debian DSA-418-1 : vbox3 - privilege leak

A bug was discovered in vbox3, a voice response system for isdn4linux, whereby root privileges were not properly relinquished before executing a user-supplied tcl script. By exploiting this vulnerability, a local user could gain root privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

[SECURITY] [DSA 418-1] New vbox3 packages fix privilege leak

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 418-1 [email protected] http://www.debian.org/security/ Matt Zimmerman January 7th, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 418-1] New vbox3 packages fix privilege leak

-------------------------------------------------------------------------- Debian Security Advisory DSA 418-1 [email protected] http://www.debian.org/security/ Matt Zimmerman January 7th, 2004 http://www.debian.org/security/faq -...

DSA-418 vbox3 - privilege leak

Bulletin has no description...

CVE-1999-1482

SVGAlib zgv 3.0-7 and earlier allows local users to gain root access via a privilege leak of the iopl3 privileges to child processes...

CVE-1999-1482

CVE-1999-1482 affects SVGAlib’s zgv, version 3.0-7 and earlier. The underlying issue is a privilege leak of the iopl(3) privileges to child processes, enabling local users to gain root access. The provided documents confirm local-privilege escalation as the impact. No remediation or patch details...

zgv.iopl.txt

Date: Fri, 19 Feb 1999 18:10:00 +0000 From: Chris Evans To: [email protected] Subject: Security hole: "zgv" Overview: "zgv" is an image viewer which runs under SVGAlib at the linux console probably BSD too. It has to be installed suid-root to access graphics hardware. History: "zgv" has a long...